Skip to content

Pwnies

recognize both excellence and incompetence in the field of information security

  • news
  • About
  • noms
  • winners
  • previous
  • team

The 2021 Pwnie Winner For Best Privilege Escalation Bug

Heap-based buffer overflow in Sudo!

Researcher Name: Baron Samedit – Qualys

Link: https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt

CVE: CVE-2021-3156

A 10-year-old bug on a very popular security boundary. This bug is unique as it couldn’t be fuzzed out and required knowledge of how the system interacts with sudo, making it a very clever find.

calendar

Apr 19
Nominations open
Jul 19
Nominees announced, Summercon 2024, Brooklyn, NY
Aug 10
Awards Ceremony, 10:00am, DEF CON 32, Las Vegas Convention Center, Las Vegas, NV

awards ceremony

Date
August 10
Time
10:00am PDT
Where
DEF CON 32, Las Vegas Convention Center, Las Vegas, NV

follow us

  • twitter
  • atom feed

Archives

  • Nominations and Winners Archive
Copyright © 2007-2025 Pwnie Awards LLC. Designed by ikonoklasm.