Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Barny_Riches's avatar
Barny_Riches
Icon for Altostratus rankAltostratus
Jan 27, 2021

CVE-2021-3156 | SUDO Heap-based Buffer Overflow

Are any of the BIG-IP versions affected by the recent SUDO vulnerability announcement? I have checked our F5 estate and I don't believe that the SUDO package is installed or used, but I just want to ...
big-ip
security
DMan's avatar
DMan
Icon for Nimbostratus rankNimbostratus
Jan 27, 2021

F5s seems to be vulnerable, to confirm, see below:

 

How can I test if I have vulnerable version?

To test if a system is vulnerable or not, login to the system as a non-root user.

Run command “sudoedit -s /”

If the system is vulnerable, it will respond with an error that starts with “sudoedit:”

If the system is patched, it will respond with an error that starts with “usage:”

  • Barny_Riches's avatar
    Barny_Riches
    Icon for Altostratus rankAltostratus
    Jan 27, 2021

    Thanks for the reply, that's interesting. My BIG-IP (15.1.04) instances return:

    sudoedit: command not found

    Running an rpm -qa query also doesn't show sudo being installed. Could sudo be installed on some versions and not others?