
CVE-2021-3156 analysis.
This past week, I decided I wanted to learn more about exploits and exploit analysis. As a result, I checked out CVE-2021-3156, a Sudo vulnerability from 2021 that has long since been patched. Reproducing the vulnerability presented a number of difficulties: setting up an environment with a pre-2021 version of Sudo, ensuring it hadn't been patched, and triggering the heap overflow, though I was unable to achieve full code execution due to heap layout differences in Docker.

CVE-2021-3156 is a heap-based buffer overflow in sudo. The vulnerability allows you to write data beyond the bounds of an allocated buffer, corrupting adjacent memory on the heap. The exploit targets the service_user struct in glibc's Name Service Switch (NSS) system, which contains function pointers used for user and group lookups. By overflowing the buffer, you can overwrite these function pointers to redirect them to attacker-controlled code. When sudo calls an NSS function (like getpwnam_r() to look up user inform
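To make the corruption mechanism concrete from a defender's side, here is an added illustration that is not code from the post, from sudo or from glibc. It assumes a constructed layout in which a 16-byte input buffer is immediately followed by a function pointer, standing in for an overflowed heap buffer sitting next to a struct such as NSS's service_user. A copy routine that bounds the copy by the wrong size (the whole record rather than the field) lets over-long input spill into the pointer; the checked variant validates against the field size and rejects input that would not fit. The names (`struct record`, `copy_wrong_bound`, `copy_checked`, `pointer_intact_after`) and the sample inputs are all constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 16

typedef int (*lookup_fn)(void);

/* Stand-in for a legitimate lookup routine (constructed). */
static int real_lookup(void) { return 42; }

/* Constructed layout: a fixed-size input buffer immediately followed by a
 * function pointer, as an overflowed heap buffer next to a struct like
 * NSS's service_user would be. */
struct record {
    char buf[BUF_SIZE];
    lookup_fn lookup;
};

/* Vulnerable copy: bounds the copy by the size of the whole record instead
 * of the size of buf, so input longer than BUF_SIZE-1 spills into lookup. */
static int copy_wrong_bound(struct record *r, const char *src) {
    size_t n = strlen(src) + 1;          /* include the terminating NUL */
    if (n > sizeof(*r)) n = sizeof(*r);  /* wrong limit: record, not field */
    memcpy(r, src, n);                   /* writes past r->buf into r->lookup */
    return 0;
}

/* Hardened copy: checks against the field size and refuses over-long input
 * rather than truncating silently. Returns 0 on success, -1 if rejected. */
static int copy_checked(struct record *r, const char *src) {
    size_t n = strlen(src);
    if (n >= sizeof(r->buf)) return -1;  /* would not fit together with its NUL */
    memcpy(r->buf, src, n + 1);
    return 0;
}

/* Runs one copy routine on a fresh record and reports whether the function
 * pointer that follows the buffer still holds its original bytes (1) or was
 * overwritten (0). The bytes are compared with memcmp so nothing dereferences
 * or even evaluates a possibly corrupted pointer. */
static int pointer_intact_after(int (*copy)(struct record *, const char *),
                                const char *src) {
    struct record r;
    lookup_fn expect = real_lookup;
    memset(&r, 0, sizeof r);
    r.lookup = real_lookup;
    copy(&r, src);
    return memcmp(&r.lookup, &expect, sizeof expect) == 0;
}

/* Convenience wrapper exposing the hardened routine's accept/reject result. */
static int checked_copy_result(const char *src) {
    struct record r;
    memset(&r, 0, sizeof r);
    r.lookup = real_lookup;
    return copy_checked(&r, src);
}

/* Constructed inputs: 24 bytes crosses the 16-byte buffer; "alice" fits. */
static const char OVERLONG[] = "AAAAAAAAAAAAAAAAAAAAAAAA";
static const char SHORT_NAME[] = "alice";

int main(void) {
    printf("wrong bound, overlong: pointer intact = %d\n",
           pointer_intact_after(copy_wrong_bound, OVERLONG));
    printf("checked,     overlong: pointer intact = %d, rejected = %d\n",
           pointer_intact_after(copy_checked, OVERLONG),
           checked_copy_result(OVERLONG) == -1);
    printf("wrong bound, short:    pointer intact = %d\n",
           pointer_intact_after(copy_wrong_bound, SHORT_NAME));
    return 0;
}
```

The point of the comparison is the bound itself: the vulnerable routine is "bounded", just by the wrong size, which is exactly the kind of off-by-field mistake that leaves a neighbouring pointer reachable. Reviewing every copy into a heap buffer for which size it is checked against, and rejecting rather than truncating over-long input, is the mitigation this example exercises.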
Continue reading on Dev.to

