macOS Big Sur 11.2.1 Fixes Root Access Sudo Bug

The macOS Big Sur 11.2.1 update that Apple released today fixes a sudo security vulnerability that could allow an attacker to gain root access to a Mac.

sudo bug macos
According to an Apple security support document, the bug, CVE-2021-3156, was addressed in the update by updating to sudo version 1.9.5p2. Apple has also fixed the bug in Supplemental Updates made available for macOS Catalina 10.15.7 and macOS Mojave 10.14.6.

The updates also include fixes for two bugs that could allow an app to execute arbitrary code with kernel privileges.

Discovered last week, the vulnerability triggers a "heap overflow" in sudo that changes the current user's privileges to enable root-level access, giving an attacker access to the entire system.

Top Rated Comments

neuropsychguy Avatar
20 months ago

Is Apple the first? Did other Unix and Linux push out the update too?
Most major Linux distros have already fixed it.

Examples:
https://ubuntu.com/security/CVE-2021-3156
https://access.redhat.com/security/cve/cve-2021-3156
https://www.suse.com/security/cve/CVE-2021-3156/
https://bodhi.fedoraproject.org/updates/FEDORA-2021-2cb63d912a
Score: 6 Votes (Like | Disagree)
luvbug Avatar
20 months ago
Thank you! Much more than a charging bug, for sure.
Score: 6 Votes (Like | Disagree)
TriBruin Avatar
20 months ago

Now if it could just come standard with allowing us to use TouchID instead of typing our password.
You know that you can enable this feature. Unfortunately, it has to be re-enabled after each update.

https://derflounder.wordpress.com/2017/11/17/enabling-touch-id-authorization-for-sudo-on-macos-high-sierra/
Score: 5 Votes (Like | Disagree)
ruka.snow Avatar
20 months ago
Fantastic. Unlikely to affect me but still good to have the furniture nailed down.
Score: 4 Votes (Like | Disagree)
Jerry Fritschle Avatar
20 months ago

Reminds me of High Sierra. Waiting for the login “root” user access now. :p
I admit I thought of that, too. However, "sudo" is a utility found throughout unix/Linux systems. This was therefore not an "Apple" bug, but rather an update that had to come from upstream :-)
Score: 3 Votes (Like | Disagree)
Rafterman Avatar
20 months ago
Thanks Apple for yet another reboot. Get it right the first time.
Score: 2 Votes (Like | Disagree)

Related Stories

macOS Big Sur Feature Blue

Apple Seeds Fourth Beta of macOS Big Sur 11.5 to Developers

Tuesday June 29, 2021 10:14 am PDT by
Apple today seeded the fourth beta of an upcoming macOS Big Sur 11.5 update to developers for testing purposes, with the new beta coming two weeks after the release of the third macOS Big Sur 11.5 beta. Developers can download the ‌‌‌‌macOS Big Sur‌‌‌‌ 11.5 beta using the Software Update mechanism in System Preferences after installing the proper profile from the Apple...
macOS Monterey on MBP Feature

Apple Releases macOS Monterey 12.2 With Safari Vulnerability Fix

Wednesday January 26, 2022 10:19 am PST by
Apple today released macOS Monterey 12.2, the second major update to the macOS Monterey update that launched in October. macOS Monterey 12.2 comes over a month after the release of the 12.1 update, which brought SharePlay support. The ‌‌‌macOS Monterey 12.2‌‌ update can be downloaded on all eligible Macs using the Software Update section of System Preferences. Apple has also...
macOS Big Sur Feature Orange

Apple Seeds macOS Big Sur 11.6.1 Beta to Developers With Security Fixes

Thursday September 30, 2021 1:53 pm PDT by
Apple today seeded a macOS Big Sur 11.6.1 beta to developers for testing purposes, with the update coming two weeks after the launch of macOS Big Sur 11.6. Registered developers can download the beta through the Apple Developer Center and once the appropriate profile is installed, betas will be available through the Software Update mechanism in System Preferences. According to Apple's...
macOS Big Sur Feature Triad

Apple Releases macOS Big Sur 11.5.1 With Security Updates

Monday July 26, 2021 10:20 am PDT by
Apple today released macOS Big Sur 11.5.1, a minor bug fix update that comes close to one week after the launch of macOS Big Sur 11.5. The new ‌‌‌‌‌‌macOS Big Sur‌‌‌‌‌ 11.5.1 update can be downloaded for free on all eligible Macs using the Software Update section of System Preferences. According to Apple, macOS Big Sur 11.5.1 brings important security updates and is...
macOS Big Sur Feature Orange

Apple Releases macOS Big Sur 11.5 With Podcast App Updates and Bug Fixes

Wednesday July 21, 2021 10:15 am PDT by
Apple today released macOS Big Sur 11.5, the fifth major update to the macOS Big Sur operating system that launched in November 2020. macOS Big Sur 11.5 comes two months after the release of macOS Big Sur 11.4. The new ‌‌‌‌‌macOS Big Sur‌‌‌‌ 11.5 update can be downloaded for free on all eligible Macs using the Software Update section of System Preferences. macOS Big Sur...
macOS Big Sur Feature Orange

Apple Releases macOS Big Sur 11.4 With Apple Podcasts Subscription Support

Monday May 24, 2021 10:08 am PDT by
Apple today released macOS Big Sur 11.4, the fourth major update to the macOS Big Sur operating system that launched in November 2020. macOS Big Sur comes one month after the release of macOS Big Sur 11.3, an update that added M1 optimizations, AirTag integration, and more. The new ‌‌‌‌macOS Big Sur‌‌‌ 11.4 update can be downloaded for free on all eligible Macs using the...
jamf malware secret screenshots

macOS Big Sur 11.4 Addresses Vulnerability That Could Let Attackers Take Secret Screenshots

Monday May 24, 2021 5:26 pm PDT by
macOS Big Sur 11.4, which was released this morning, addresses a zero-day vulnerability that could allow attackers to piggyback off of apps like Zoom, taking secret screenshots and surrepetiously recording the screen. Jamf, a mobile device management company, today highlighted a security issue that allowed Privacy preferences to be bypassed, providing an attacker with Full Disk Access,...
macOS Big Sur Feature Blue

Apple Seeds Release Candidate Version of macOS Big Sur 11.5 to Developers

Tuesday July 13, 2021 10:19 am PDT by
Apple today seeded the release candidate version of an upcoming macOS Big Sur 11.5 update to developers for testing purposes, with the new beta coming one week after the release of the fifth macOS Big Sur 11.5 beta. Developers can download the ‌‌‌‌macOS Big Sur‌‌‌‌ 11.5 beta using the Software Update mechanism in System Preferences after installing the proper profile from the ...

Popular Stories

iPhone 14 Dummies 1 Feature

Everything Rumored for Apple's September Event: iPhone 14, Apple Watch Pro and More

Friday August 12, 2022 2:34 pm PDT by
There's just about a month to go until Apple holds its annual September event focusing on new iPhone and Apple Watch models. We thought we'd take a quick look at everything that's rumored for Apple's September event to give MacRumors readers a rundown on what to expect when the first fall event rolls around. iPhone 14 The iPhone 14 can probably be described more as an "iPhone 13S" because...
z fold 4 1

Hands-On With Samsung's Latest Foldable Smartphones, the Galaxy Z Fold and Z Flip

Friday August 12, 2022 12:46 pm PDT by
Samsung this week launched its fourth-generation foldable devices, the $1,000 Galaxy Z Flip and the $1,800 Galaxy Z Fold. Though there's no sign of a comparable Apple foldable device on the horizon, rumors suggest prototypes are in the works, so we thought we'd take a look at Samsung's newest smartphones to see what Apple needs to measure up to when a foldable iPhone does come out. Subscribe ...
iPhone 14 Pro Purple Rear Flat MacRumors Exclusive

iPhone 14 Pro: Analyst Believes Storage Will Continue to Start at 128GB Despite Rumored Price Increase

Friday August 12, 2022 7:04 am PDT by
It wouldn't be the month before an iPhone launch without a few back-and-forth rumors, with the latest debate concerning iPhone 14 Pro storage. iPhone 14 Pro render by Ian Zelbo While research firm TrendForce forecasted that iPhone 14 Pro models could start with an increased 256GB of storage, Haitong International analyst Jeff Pu today forecasted that the upcoming Pro models will continue to...
iPhone 14 Pro Purple Front and Back MacRumors Exclusive feature

iPhone 14 Is Just a Few Weeks Away: Three Tips to Prepare for the New iPhone

Wednesday August 10, 2022 4:08 am PDT by
The launch of the new iPhone 14 is just a few weeks away, meaning millions of iPhone customers will soon upgrade their existing iPhone or perhaps get an iPhone for the first time. Exclusive MacRumors iPhone 14 Pro renders by graphic designer Ian Zelbo Whether upgrading from an older model or this is your first iPhone, we've rounded up a few tips to help you prepare for the next flagship...
iPhone 14 Pro Lineup Feature Silver

Kuo: Apple to Increase Prices of iPhone 14 Pro Models

Wednesday August 10, 2022 8:22 am PDT by
Apple plans to increase the prices of iPhone 14 Pro models compared to iPhone 13 Pro models, according to analyst Ming-Chi Kuo. Kuo did not reveal exact pricing for the iPhone 14 Pro models. However, in a tweet today, he estimated that the average selling price of the iPhone 14 lineup as a whole will increase by about 15% compared to the iPhone 13 lineup. In the United States, the iPhone...
top stories 13aug2022

Top Stories: New Battery Percentage Icon in iOS 16, USB-C AirPods Rumor, and More

Saturday August 13, 2022 6:00 am PDT by
This week brought some shocking news for iOS 16 beta testers, with Apple bringing back the iPhone battery percentage to the status bar after a number of years. Other news and rumors this week included word that Apple has started recording portions of its media event planned for next month to introduce the iPhone 14 and Apple Watch Series 8, claims about iPhone 14 Pro pricing and Apple's...