HomeResources Security Research Heap-Based Overflow Vulnerability in Sudo [CVE-2021-3156]
heap based buffer overflow vulnerability research paper
Security Research

Heap-Based Overflow Vulnerability in Sudo [CVE-2021-3156]

Sudo is a powerful utility that is remembered for most if not all Unix-and Linux-based OSes which allows a permitted user to execute a command as the superuser or another user, as specified by the security policy. This paper covers Unix like systems which are vulnerable to heap-based buffer overflow sudo vulnerability. This vulnerability was hidden for around the last ten years, affecting unpatched versions of sudo programs from 1.8.2-1.8.31p2 and 1.9.0-1.9.5p1.

Key Pointers:
  • Understanding the history of this vulnerability and how it works
  • Understanding the severity of this vulnerability with CVSS score of 7.8
  • Mapping the vulnerable sudo versions and understanding the scope of impact
  • Preparing the prerequisites to set up the lab and demonstrate the exploitation
  • Learning about the mitigations to patch this vulnerability

Brands that
trust our competence

Explore more
molina logo
icici logo
british telecom logo
munichre logo
newscorp logo
kfc logo

Related Resources

Explore More
heap based buffer overflow vulnerability research paperHeap-Based Overflow Vulnerability in Sudo [CVE-2021-3156]Read More ubuntu overlays privesc vulnerabilityUbuntu OverlayFS Local Privesc VulnerabilityRead More heartbleed attack cybersecurity research paperHeartbleed AttackRead More linux firewall guide research paperA Beginners Guide to Linux FirewallRead More insecure deserialzation research paperIntroduction to Insecure DeserializationRead More linux privilege escalation research paperUnderstanding and Exploiting Zerologon Read More