Out-of-bounds Write
Affecting sudo package, versions <1.8.19p1-2.1+deb9u2
Overview
In sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, a user can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is enabled by default in Linux Mint and elementary OS; it is not the default upstream or in most other distributions' packages, so it is present only where an administrator has turned it on. The attacker triggers the bug by delivering a long string to the stdin of getln() in tgetpass.c, that is, by piping input into sudo's password prompt instead of typing it at a terminal; the attacking user does not need a sudoers entry, only a local account. Upstream fixed the bug in sudo 1.8.31; versions 1.8.26 through 1.8.30 contain the flaw but are not exploitable because of a change in EOF handling, which is why the CVE text says "before 1.8.26". On Debian 9 the fix is in 1.8.19p1-2.1+deb9u2. To check whether a system is exposed, inspect the effective Defaults with "sudo -l" (or grep /etc/sudoers and /etc/sudoers.d for pwfeedback); setting "Defaults !pwfeedback" removes the precondition until the package is updated.
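To make the arithmetic behind the overflow concrete, the following is an added example written for this page; it is not sudo's code. It models the line-kill bookkeeping in getln() as reconstructed from the upstream fix: a remaining-room counter and a write position that are meant to be reset together when the kill character (0x15, the default VKILL, assumed here because the input is a pipe rather than a terminal) arrives. The 8-byte buffer, the input string and the echo_fails/fixed switches are constructed for the demonstration, and the model counts would-be out-of-bounds stores instead of performing them.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Default line-kill character (VKILL, ^U). Assumption for this model: the
 * input is not a terminal, so the character is never remapped. */
#define KILL_CHAR 0x15

/* Outcome of one simulated read: bytes accepted, and bytes the real loop
 * would have stored past the end of the buffer. */
struct getln_result {
    size_t len;
    size_t overflow;
};

/*
 * Model of the pwfeedback line-kill path in getln(): 'left' counts the
 * remaining room, 'pos' is the write position. On the kill character the
 * echoed '*' characters are erased one write() at a time, stepping 'pos'
 * back after each successful write, and 'left' is then reset to the full
 * buffer size. If echo_fails (write() to a non-terminal fails), the erase
 * loop exits on its first iteration and 'pos' is not stepped back, yet
 * 'left' is reset anyway: the two counters disagree and the loop accepts
 * up to bufsiz-1 more bytes starting at the old position. With fixed=1 the
 * position is reset unconditionally, as the upstream fix does.
 */
struct getln_result
model_getln(const unsigned char *in, size_t n, char *buf, size_t bufsiz,
            int echo_fails, int fixed)
{
    struct getln_result r = {0, 0};
    size_t pos = 0, left = bufsiz, i = 0;

    while (--left) {                         /* room for bufsiz-1 chars + NUL */
        if (i >= n)
            break;                           /* EOF */
        unsigned char c = in[i++];
        if (c == '\n' || c == '\r')
            break;
        if (c == KILL_CHAR) {
            while (pos > 0) {
                if (echo_fails)              /* write(fd, "\b \b", 3) == -1 */
                    break;
                --pos;
            }
            if (fixed)
                pos = 0;                     /* the reset the fix adds */
            left = bufsiz;                   /* reset in both versions */
            continue;
        }
        /* feedback '*' is written here in the real code; result ignored */
        if (pos < bufsiz)
            buf[pos] = (char)c;              /* *cp++ = c */
        else
            r.overflow++;                    /* would have written out of bounds */
        pos++;
    }
    if (pos < bufsiz)
        buf[pos] = '\0';                     /* terminating NUL */
    else
        r.overflow++;
    r.len = pos;
    return r;
}

/* Constructed input: a few typed characters, a line kill, then more
 * characters than an 8-byte buffer can hold. Returns how many bytes the
 * modeled loop would have stored out of bounds. */
size_t demo_overflow(int echo_fails, int fixed)
{
    /* separate literals so the hex escape does not swallow the 'B's */
    static const unsigned char in[] = "AAAA" "\x15" "BBBBBBBBBB";
    char buf[8];
    struct getln_result r = model_getln(in, sizeof in - 1, buf, sizeof buf,
                                        echo_fails, fixed);
    return r.overflow;
}

int main(void)
{
    printf("vulnerable, echo fails:    %zu byte(s) out of bounds\n",
           demo_overflow(1, 0));
    printf("vulnerable, echo succeeds: %zu byte(s) out of bounds\n",
           demo_overflow(0, 0));
    printf("fixed, echo fails:         %zu byte(s) out of bounds\n",
           demo_overflow(1, 1));
    return 0;
}
```

The three runs show why both preconditions in the description matter: the erase path only exists when pwfeedback is on, and the position is only left stale when the erase write fails, which happens when stdin is a pipe rather than a terminal. On a real terminal the writes succeed, the position is walked back, and the counters stay consistent.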
CVSS Score
7.8 (high severity), vector AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Attack Vector: Local
- Attack Complexity: Low
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Confidentiality: High
- Integrity: High
- Availability: High
- CVE: CVE-2019-18634
- CWE: CWE-787 (Out-of-bounds Write)
- Snyk ID: SNYK-DEBIAN9-SUDO-543820
- Disclosed: 29 Jan, 2020
- Published: 30 Jan, 2020