Showing posts from February, 2021

Sudoedit heap overflow

Jayden Rivers @Awarau1

Introduction

On January 27th 2021 Qualys released a report on a bug they had found in the commonly used Unix utility sudo. The bug had been present in sudo for nearly 10 years. Their report, “CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)” on the Qualys Security Blog, outlines the root cause and three possible methods of exploitation. Here, we give a brief overview of the relevant workings of sudo. Then we discuss the vulnerability as well as one possible exploitation method in depth. The details of exploitation will focus on our application of the technique known as “heap grooming” or “heap feng shui”. Lastly, we outline the fix.

Sudo (utility)

Sudo, or “superuser do”, is a widely used utility which assists people in administering their Unix systems. Many Unix-derived operating systems have sudo packaged by default. According to the sudo manual, “sudo allows a permitted user to execute a command as the superuser or a