CVE-2019-18634

Name
CVE-2019-18634
Description
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Third Party Advisory https://support.apple.com/kb/HT210919
Vendor Advisory https://www.sudo.ws/security.html
Mailing List https://seclists.org/bugtraq/2020/Jan/44
Exploit https://www.sudo.ws/alerts/pwfeedback.html
Mailing List http://www.openwall.com/lists/oss-security/2020/01/30/6
Mailing List http://www.openwall.com/lists/oss-security/2020/01/31/1
Mailing List http://seclists.org/fulldisclosure/2020/Jan/40
Third Party Advisory https://www.debian.org/security/2020/dsa-4614
Mailing List https://lists.debian.org/debian-lts-announce/2020/02/msg00002.html
Mailing List https://seclists.org/bugtraq/2020/Feb/3
Mailing List https://seclists.org/bugtraq/2020/Feb/2
Third Party Advisory http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html
Third Party Advisory http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html
Third Party Advisory http://www.openwall.com/lists/oss-security/2020/02/05/2
Exploit http://www.openwall.com/lists/oss-security/2020/02/05/5
UBUNTU https://usn.ubuntu.com/4263-1/
CONFIRM https://security.netapp.com/advisory/ntap-20200210-0001/
UBUNTU https://usn.ubuntu.com/4263-2/
REDHAT https://access.redhat.com/errata/RHSA-2020:0487
REDHAT https://access.redhat.com/errata/RHSA-2020:0509
REDHAT https://access.redhat.com/errata/RHSA-2020:0540
SUSE http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00029.html
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/
REDHAT https://access.redhat.com/errata/RHSA-2020:0726
GENTOO https://security.gentoo.org/glsa/202003-12
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:* sudo >= 1.7.1 < 1.8.26

Vulnerable and fixed packages

Source package Branch Version Maintainer Status