heap based buffer overflow vulnerability research paper
Security Research

Heap-Based Overflow Vulnerability in Sudo [CVE-2021-3156]

Sudo is a powerful utility that is remembered for most if not all Unix-and Linux-based OSes which allows a permitted user to execute a command as the superuser or another user, as specified by the security policy. This paper covers Unix like systems which are vulnerable to heap-based buffer overflow sudo vulnerability. This vulnerability was hidden for around the last ten years, affecting unpatched versions of sudo programs from 1.8.2-1.8.31p2 and 1.9.0-1.9.5p1.

Key Pointers:
  • Understanding the history of this vulnerability and how it works
  • Understanding the severity of this vulnerability with CVSS score of 7.8
  • Mapping the vulnerable sudo versions and understanding the scope of impact
  • Preparing the prerequisites to set up the lab and demonstrate the exploitation
  • Learning about the mitigations to patch this vulnerability

Brands that
trust our competence

Explore more
kfc logo
discover logo
adp logo
adbed bath beyond logo
expedia logo
chipotle logo
Mosaic Insurance logo
dell logo
fannie-mae logo
 maersk logo
 gsk logo
 wiz logo
 bt logo