Your submission was sent successfully! Close

CVE-2019-18634

Published: 31 January 2020

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.

Notes

AuthorNote
mdeslaur
pwfeedback is not enabled in Ubuntu
affects 1.7.1 to 1.8.25p1 as it can't be exploited in 1.8.26 to
1.8.30
Priority

Low

CVSS 3 base score: 7.8

Status

Package Release Status
sudo
Launchpad, Ubuntu, Debian
bionic
Released (1.8.21p2-3ubuntu1.2)
eoan
Released (1.8.27-1ubuntu4.1)
precise
Released (1.8.3p1-1ubuntu3.9)
trusty
Released (1.8.9p5-1ubuntu1.5+esm3)
upstream
Released (1.8.31)
xenial
Released (1.8.16-0ubuntu1.9)
Patches:
upstream: https://github.com/sudo-project/sudo/commit/fa8ffeb17523494f0e8bb49a25e53635f4509078