heap based buffer overflow vulnerability research paper
Security Research

Heap-Based Overflow Vulnerability in Sudo [CVE-2021-3156]

Sudo is a powerful utility that is remembered for most if not all Unix-and Linux-based OSes which allows a permitted user to execute a command as the superuser or another user, as specified by the security policy. This paper covers Unix like systems which are vulnerable to heap-based buffer overflow sudo vulnerability. This vulnerability was hidden for around the last ten years, affecting unpatched versions of sudo programs from 1.8.2-1.8.31p2 and 1.9.0-1.9.5p1.

Key Pointers:
  • Understanding the history of this vulnerability and how it works
  • Understanding the severity of this vulnerability with CVSS score of 7.8
  • Mapping the vulnerable sudo versions and understanding the scope of impact
  • Preparing the prerequisites to set up the lab and demonstrate the exploitation
  • Learning about the mitigations to patch this vulnerability
Get the Research Paper
Thank You for your interest in Safe Security!
Your request content is now available!
Invalid Inputs!

Brands that
trust our competence

Explore more
molina logo
icici logo
british telecom logo
munichre logo
newscorp logo
kfc logo