CVE-2019-14287

Published: 14 October 2019

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u \#$((0xffffffff))" command.

Priority

Medium

CVSS 3 base score: 8.8

Status

Package   Release                            Status
sudo      Upstream                           Released (1.8.28)
          Ubuntu 18.04 LTS (Bionic Beaver)   Released (1.8.21p2-3ubuntu1.1)
          Ubuntu 16.04 LTS (Xenial Xerus)    Released (1.8.16-0ubuntu1.8)
          Ubuntu 14.04 ESM (Trusty Tahr)     Released (1.8.9p5-1ubuntu1.5+esm2)