PT-2020-1637 · Todd Miller · Sudo

Joe Vennix

Published: 2018-12-07 · Updated: 2025-05-08

CVE-2019-18634

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Sudo versions prior to 1.8.31

Description: Sudo contains a stack-based buffer overflow in the privileged sudo process when the pwfeedback option is enabled in /etc/sudoers. This option is not enabled by default, but it is active in some distributions such as Linux Mint and Elementary OS. An attacker can trigger the overflow by delivering a long string to the stdin of getln() in tgetpass.c. This can potentially allow a low-privileged user to execute arbitrary commands with root privileges.

Recommendations: To resolve the issue, update to Sudo version 1.8.31 or later. As a temporary workaround, disable the pwfeedback option in /etc/sudoers to minimize the risk of exploitation.
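The following check script is an added example, not part of the advisory or of the sudo project: it tests the two conditions the advisory names (a sudo version older than 1.8.31 and pwfeedback enabled in a sudoers file) against two constructed sample sudoers files, one with the weak setting and one with the workaround applied. The version string and sudoers path are passed in as arguments, so on a real host you would call it with the output of `sudo -V` and /etc/sudoers.

```shell
#!/bin/sh
# Added check (not from the advisory): reports whether a sudoers file enables
# pwfeedback and whether a sudo version string is older than the fixed 1.8.31.

# Returns 0 when a Defaults line in the sudoers file turns pwfeedback on.
# Comments are stripped first; a "!pwfeedback" negation does not match because
# the option must be preceded by whitespace or a comma, not by "!".
sudoers_pwfeedback_enabled() {
    sed 's/#.*//' "$1" | grep -E '^[[:space:]]*Defaults' |
        grep -Eq '[[:space:],]pwfeedback([[:space:],]|$)'
}

# Returns 0 when the version (e.g. "1.8.30" or "1.8.31p1") is older than
# 1.8.31, the release the advisory names as fixed. Splits on "." and "p".
sudo_version_is_vulnerable() {
    echo "$1" | awk -F'[.p]' '{
        v = $1 * 1000000 + $2 * 1000 + $3
        exit (v < 1008031 ? 0 : 1)
    }'
}

# Returns 0 only when both advisory conditions hold for this version/file pair.
sudo_at_risk() {
    sudo_version_is_vulnerable "$1" && sudoers_pwfeedback_enabled "$2"
}

# Constructed sample sudoers files (not real system files) for the demo.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
cat > "$demo_dir/sudoers.weak" <<'EOF'
Defaults env_reset, pwfeedback
root ALL=(ALL:ALL) ALL
EOF
cat > "$demo_dir/sudoers.fixed" <<'EOF'
Defaults env_reset, !pwfeedback
# Defaults pwfeedback   (commented out as the temporary workaround)
root ALL=(ALL:ALL) ALL
EOF

# Demo run: assume an unfixed sudo 1.8.30 and check both files.
for f in "$demo_dir/sudoers.weak" "$demo_dir/sudoers.fixed"; do
    if sudo_at_risk 1.8.30 "$f"; then
        echo "AT RISK: $f (sudo 1.8.30 with pwfeedback enabled)"
    else
        echo "ok: $f"
    fi
done
```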

Exploit

Fix

Memory Corruption

Weakness Enumeration

Related Identifiers

ALT-PU-2018-2804
ALT-PU-2020-2707
ALT-PU-2020-2731
ALT-PU-2021-1164
ALT-PU-2021-1174
ALT-PU-2021-1184
BDU:2020-00855
CESA-2020_0487
CESA-2020_0540
CESA-2020_0726
CESA-2020_1804
CESA-2021_0218
CESA-2021_0221
CVE-2019-18634
DLA-2094-1
DSA-4614-1
ELSA-2020-0487
ELSA-2020-0540
ELSA-2020-0726
MGASA-2020-0081
OPENSUSE-SU-2020:0244-1
OPENSUSE-SU-2020_0244-1
OPENSUSE-SU-2024:11413-1
RHSA-2020:0487
RHSA-2020:0509
RHSA-2020:0540
RHSA-2020:0726
RHSA-2020_0487
RHSA-2020_0540
RHSA-2020_0726
RHSA-2020_1804
RHSA-2021_0218
RHSA-2021_0221
RHSA-2021_0227
SUSE-SU-2020:0390-1
SUSE-SU-2020:0406-1
SUSE-SU-2020:0407-1
SUSE-SU-2020:0408-1
SUSE-SU-2020:0409-1
SUSE-SU-2020_0390-1
SUSE-SU-2020_0406-1
SUSE-SU-2020_0407-1
SUSE-SU-2020_0408-1
SUSE-SU-2020_0409-1
USN-4263-1
USN-4263-2

Affected Products

Alt Linux
Centos
Red Hat
Sudo
Suse
Ubuntu