Sudo (CVE-2021-3156) - I went looking for a CVE exploit and found a different bug instead, which got patched.

As i'm migrating from old Diary, i've decided to repost just a few selected post that i consider worth keeping. Not for the quality of the post, but for the content. I try to reformat it to dev.to ...

By · · 1 min read
Sudo (CVE-2021-3156) - I went looking for a CVE exploit and found a different bug instead, which got patched.

Source: DEV Community

As i'm migrating from old Diary, i've decided to repost just a few selected post that i consider worth keeping. Not for the quality of the post, but for the content. I try to reformat it to dev.to standard anyway. (Even though it appears that "dev.to" standard is AI Slop). This post was written @ 16 January 2024. Exploring CVE-2021-3156 @ home Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. This is what I understood : You can use multiple line in argument by escaping with \ Sudo ignore the character following \ what if \ is the last character ? it ignores \0 (NULL) and read stuff it shouldn't read because the null terminator is ignored. Let's find out. The commit fixing the bug is here and here and ... here ? This was also submitted by Qualys the same day, let's assume it's part of it Well... it's not as s

Related Posts

Trending on ShareHub

  1. Understanding Modern JavaScript Frameworks in 2026
    by Alex Chen · Feb 12, 2026 · 0 likes
  2. The System Design Primer
    by Sarah Kim · Feb 12, 2026 · 0 likes
  3. Just shipped my first open-source project!
    by Alex Chen · Feb 12, 2026 · 0 likes
  4. OpenAI Blog
    by Sarah Kim · Feb 12, 2026 · 0 likes
  5. Building Accessible Web Applications: A Practical Guide
    by Alex Chen · Feb 12, 2026 · 0 likes
  6. Rapper Lil Poppa dead at 25, days after releasing new music
    Rapper Lil Poppa dead at 25, days after releasing new music
    by Anonymous User · Feb 19, 2026 · 0 likes
  7. write-for-us
    by Volt Raven · Mar 7, 2026 · 0 likes
  8. Before the Coffee Gets Cold: Heartfelt Story of Time Travel and Second Chances
    Before the Coffee Gets Cold: Heartfelt Story of Time Travel and Second Chances
    by Anonymous User · Feb 12, 2026 · 0 likes
    #coffee gets cold #the #time travel
  9. Best DoorDash Promo Code Reddit Finds for Top Discounts
    Best DoorDash Promo Code Reddit Finds for Top Discounts
    by Anonymous User · Feb 12, 2026 · 0 likes
    #doordash #promo #reddit
  10. Premium SEO Services That Boost Rankings & Revenue | VirtualSEO.Expert
    by Anonymous User · Feb 12, 2026 · 0 likes
  11. NBC under fire for commentary about Team USA women's hockey team
    NBC under fire for commentary about Team USA women's hockey team
    by Anonymous User · Feb 18, 2026 · 0 likes
  12. Where to Watch The Nanny: Streaming and Online Viewing Options
    Where to Watch The Nanny: Streaming and Online Viewing Options
    by Anonymous User · Feb 12, 2026 · 0 likes
    #streaming #the nanny #where
  13. How Much Is Kindle Unlimited? Subscription Cost and Plan Details
    How Much Is Kindle Unlimited? Subscription Cost and Plan Details
    by Anonymous User · Feb 12, 2026 · 0 likes
    #kindle unlimited #subscription #unlimited
  14. Russian skater facing backlash for comment about Amber Glenn
    Russian skater facing backlash for comment about Amber Glenn
    by Anonymous User · Feb 18, 2026 · 0 likes
  15. Google News
    Google News
    by Anonymous User · Feb 18, 2026 · 0 likes

Latest on ShareHub

Browse Topics

#artificial intelligence (5113)#deep learning (3221)#pro graphics (2571)#ai (1907)#generative ai (1655)#gaming (1644)#3d (1638)#news (1397)#geforce now (1192)#cloud gaming (1161)

Around the Network