Question 1

What is CVE-2021-3156 — Sudo Heap-Based Buffer Overflow Vulnerability?

Accepted Answer

Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation.

Question 2

What is the authoritative source for CVE-2021-3156?

Accepted Answer

Sudo Heap-Based Buffer Overflow Vulnerability (CVE-2021-3156) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVE-2021-3156Sudo Heap-Based Buffer Overflow Vulnerability

Description

Scoring

CISA KEV entry

(incoming)1

Related by meaning· 6