CyberSec.Space Logo
Back to CVE Browser

CVE-2019-18634

HIGH
7.8
CVSS Severity Score
EPSS Score0.1690%
EPSS Percentile0.78th
PublishedJan 29, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.

Affected Platforms (CPE)

πŸ“¦
Sudo Project

Sudo

>= 1.7.1 and < 1.8.26
πŸ’»
Debian

Debian Linux

= 8.0
πŸ’»
Debian

Debian Linux

= 9.0
πŸ’»
Debian

Debian Linux

= 10.0

References & Advisories

πŸ”— http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00029.html
πŸ”— http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html
πŸ”— http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html
πŸ”— http://seclists.org/fulldisclosure/2020/Jan/40
πŸ”— http://www.openwall.com/lists/oss-security/2020/01/30/6
πŸ”— http://www.openwall.com/lists/oss-security/2020/01/31/1
πŸ”— http://www.openwall.com/lists/oss-security/2020/02/05/2
πŸ”— http://www.openwall.com/lists/oss-security/2020/02/05/5

Related Vulnerabilities

CVE-2001-124010.0

The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that co...

CVE-2018-185569.9

A privilege escalation issue was discovered in VyOS 1.1.8. The default configuration also allows operator users to execute the ppp...

CVE-2017-137079.8

Privilege escalation in Replibit Backup Manager earlier than version 2017.08.04 allows attackers to gain root privileges via sudo ...

CVE-2019-98919.8

The function getopt_simple as described in Advanced Bash Scripting Guide (ISBN 978-1435752184) allows privilege escalation and exe...