Main Vulnerability Database Exploits ID:8569 - Exploit for Heap-based buffer overflow in Sudo - CVE-2021-3156

ID:8569 - Exploit for Heap-based buffer overflow in Sudo - CVE-2021-3156

Published: November 3, 2022

Vulnerability identifier: #VU50040

Vulnerability risk: Low

CVE-ID: CVE-2021-3156

CWE-ID: CWE-122

Exploitation vector: Local access

Vulnerable software:
Sudo

Link to public exploit:

https://github.com/PhuketIsland/CVE-2021-3156-centos7

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error in sudo. A local user can pass specially crafted data to the application, trigger heap-based buffer overflow and execute arbitrary code on the target system with root privileges.

Remediation

Install update from vendor's website.

ID:8569 - Exploit for Heap-based buffer overflow in Sudo - CVE-2021-3156

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human