CVE-2019-18634

Published: 31 January 2020

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.
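A defender-side check, added here as an example and not part of this tracker entry: it confirms the two conditions the advisory names, an upstream sudo older than 1.8.26 and pwfeedback enabled in a sudoers file. It assumes upstream-style version strings (e.g. "1.8.21p2"); Ubuntu's fixed packages keep the old upstream version and backport the fix, so distribution package versions must be compared against the release table rather than fed to this parser. The sudoers content is constructed.

```python
import re

# Upstream release that fixed the pwfeedback overflow (from the advisory text).
FIXED_VERSION = (1, 8, 26, 0)

# Upstream sudo version strings look like "1.8.21p2" or "1.8.31".
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:p(\d+))?$")


def parse_sudo_version(version: str) -> tuple:
    """Turn '1.8.21p2' into the comparable tuple (1, 8, 21, 2)."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised sudo version: {version!r}")
    major, minor, patch, plevel = m.groups()
    return (int(major), int(minor), int(patch), int(plevel or 0))


def pwfeedback_enabled(sudoers_text: str) -> bool:
    """True if the last effective Defaults entry turns pwfeedback on.

    Handles 'Defaults pwfeedback', 'Defaults !pwfeedback' and comma-separated
    lists such as 'Defaults env_reset,pwfeedback'. #include/#includedir
    directives are not followed, so check included files separately.
    """
    enabled = False
    for raw in sudoers_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if not line.startswith("Defaults"):
            continue
        # Strip the keyword and any ':user', '@host', '>runas', '!cmd' scope.
        rest = re.sub(r"^Defaults\S*\s*", "", line)
        for opt in re.split(r"[,\s]+", rest):
            if opt == "pwfeedback":
                enabled = True
            elif opt == "!pwfeedback":
                enabled = False
    return enabled


def is_affected(sudo_version: str, sudoers_text: str) -> bool:
    """Exposed only when sudo predates the fix AND pwfeedback is on."""
    return (parse_sudo_version(sudo_version) < FIXED_VERSION
            and pwfeedback_enabled(sudoers_text))


# Constructed sample sudoers content (not taken from any real system).
SAMPLE_SUDOERS = """\
Defaults env_reset,pwfeedback
Defaults mail_badpass
# Defaults !pwfeedback   (commented out, so it has no effect)
root ALL=(ALL:ALL) ALL
"""
```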

Priority

Low

CVSS 3 base score: 7.8

Status

Package   Release                           Status
sudo      Upstream                          Released (1.8.31)
sudo      Ubuntu 20.04 LTS (Focal Fossa)    Released (1.8.31-1ubuntu1)
sudo      Ubuntu 18.04 LTS (Bionic Beaver)  Released (1.8.21p2-3ubuntu1.2)
sudo      Ubuntu 16.04 LTS (Xenial Xerus)   Released (1.8.16-0ubuntu1.9)
sudo      Ubuntu 14.04 ESM (Trusty Tahr)    Released (1.8.9p5-1ubuntu1.5+esm3)
Patches:
Upstream: https://github.com/sudo-project/sudo/commit/fa8ffeb17523494f0e8bb49a25e53635f4509078