heap based buffer overflow vulnerability research paper
Security Research

Heap-Based Overflow Vulnerability in Sudo [CVE-2021-3156]

Sudo is a powerful utility that is remembered for most if not all Unix-and Linux-based OSes which allows a permitted user to execute a command as the superuser or another user, as specified by the security policy. This paper covers Unix like systems which are vulnerable to heap-based buffer overflow sudo vulnerability. This vulnerability was hidden for around the last ten years, affecting unpatched versions of sudo programs from 1.8.2-1.8.31p2 and 1.9.0-1.9.5p1.

Key Pointers:
  • Understanding the history of this vulnerability and how it works
  • Understanding the severity of this vulnerability with CVSS score of 7.8
  • Mapping the vulnerable sudo versions and understanding the scope of impact
  • Preparing the prerequisites to set up the lab and demonstrate the exploitation
  • Learning about the mitigations to patch this vulnerability

Brands that
trust our competence

Explore more
molina logo
icici logo
british telecom logo
munichre logo
newscorp logo
kfc logo