Vulnerability-Lookup

BDU:2020-00855

Vulnerability from fstec - Published: 29.01.2020

Title

Уязвимость функции stdin getln программы системного администрирования Sudo, позволяющая нарушителю повысить свои привилегии

Description

Уязвимость функции stdin getln программы системного администрирования Sudo связана с переполнением буфера в стеке. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vendor

ООО «РусБИТех-Астра», Red Hat Inc., Canonical Ltd., Novell Inc., Сообщество свободного программного обеспечения, Fedora Project, Todd C. Miller, АО «ИВК», АО «Концерн ВНИИНС»

Software Name

Astra Linux Special Edition (запись в едином реестре российских программ №369), Red Hat Enterprise Linux, Ubuntu, SUSE Linux Enterprise, Debian GNU/Linux, Fedora, OpenShift Container Platform, Astra Linux Special Edition для «Эльбрус» (запись в едином реестре российских программ №11156), SUSE CaaS Platform, Sudo, Альт 8 СП (запись в едином реестре российских программ №4305), ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)

Software Version

1.5 «Смоленск» (Astra Linux Special Edition), 6 (Red Hat Enterprise Linux), 7 (Red Hat Enterprise Linux), 16.04 LTS (Ubuntu), Server 12 SP2 (SUSE Linux Enterprise), 9 (Debian GNU/Linux), 18.04 LTS (Ubuntu), 1.6 «Смоленск» (Astra Linux Special Edition), 12.04 ESM (Ubuntu), 8 (Red Hat Enterprise Linux), 14.04 ESM (Ubuntu), 8 (Debian GNU/Linux), 31 (Fedora), 4.2 (OpenShift Container Platform), 19.10 (Ubuntu), Server 11 SP4 LTSS (SUSE Linux Enterprise), 8.1 «Ленинград» (Astra Linux Special Edition для «Эльбрус»), 4.3 (OpenShift Container Platform), 2.0 (SUSE CaaS Platform), 1.0 (SUSE CaaS Platform), от 1.7.1 до 1.8.26 (Sudo), 32 (Fedora), 8.0 Update Services for SAP Solutions (Red Hat Enterprise Linux), 4.4 (OpenShift Container Platform), 4.5 (OpenShift Container Platform), 4.6 (OpenShift Container Platform), - (Альт 8 СП), до 16.01.2023 (ОС ОН «Стрелец»)

Possible Mitigations

Использование рекомендаций: Для Sudo: https://www.sudo.ws/alerts/pwfeedback.html Для Debian: https://www.debian.org/security/2020/dsa-4614 Для Ubuntu: https://usn.ubuntu.com/4263-2/ https://usn.ubuntu.com/4263-1/ Для программных продуктов Novell Inc.: https://www.suse.com/security/cve/CVE-2019-18634/ Для Red Hat Inc.: https://access.redhat.com/security/cve/CVE-2019-18634 Для Astra Linux: Обновление программного обеспечения (пакета sudo) до 1.8.19p1-2.1+deb9u2 или более поздней версии Для Fedora Project: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/ Для ОС ОН «Стрелец»: Обновление программного обеспечения sudo до версии 1.8.27-1+deb10u3.strelets2 Для ОС Альт 8 СП: установка обновления из публичного репозитория программного средства Для ОС Astra Linux 1.6 «Смоленск»: обновить пакет sudo до 1.8.19p1-2.1+deb9u2 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-18634 https://lists.debian.org/debian-lts-announce/2020/02/msg00002.html https://usn.ubuntu.com/4263-1/ https://usn.ubuntu.com/4263-2/ https://www.sudo.ws/alerts/pwfeedback.html https://www.suse.com/security/cve/CVE-2019-18634/ https://access.redhat.com/security/cve/CVE-2019-18634 https://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81 https://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/ https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023 https://altsp.su/obnovleniya-bezopasnosti/ https://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16

CWE

CWE-787

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Red Hat Inc., Canonical Ltd., Novell Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Fedora Project, Todd C. Miller, \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb, \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "1.5 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 6 (Red Hat Enterprise Linux), 7 (Red Hat Enterprise Linux), 16.04 LTS (Ubuntu), Server 12 SP2 (SUSE Linux Enterprise), 9 (Debian GNU/Linux), 18.04 LTS (Ubuntu), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), 12.04 ESM (Ubuntu), 8 (Red Hat Enterprise Linux), 14.04 ESM (Ubuntu), 8 (Debian GNU/Linux), 31 (Fedora), 4.2 (OpenShift Container Platform), 19.10 (Ubuntu), Server 11 SP4 LTSS (SUSE Linux Enterprise), 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb (Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb), 4.3 (OpenShift Container Platform), 2.0 (SUSE CaaS Platform), 1.0 (SUSE CaaS Platform), \u043e\u0442 1.7.1 \u0434\u043e 1.8.26 (Sudo), 32 (Fedora), 8.0 Update Services for SAP Solutions (Red Hat Enterprise Linux), 4.4 (OpenShift Container Platform), 4.5 (OpenShift Container Platform), 4.6 (OpenShift Container Platform), - (\u0410\u043b\u044c\u0442 8 \u0421\u041f), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Sudo:\nhttps://www.sudo.ws/alerts/pwfeedback.html\n\n\u0414\u043b\u044f Debian:\nhttps://www.debian.org/security/2020/dsa-4614\n\n\u0414\u043b\u044f Ubuntu:\nhttps://usn.ubuntu.com/4263-2/\nhttps://usn.ubuntu.com/4263-1/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2019-18634/\n\n\u0414\u043b\u044f Red Hat Inc.:\nhttps://access.redhat.com/security/cve/CVE-2019-18634\n\n\u0414\u043b\u044f Astra Linux:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 sudo) \u0434\u043e 1.8.19p1-2.1+deb9u2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f Fedora Project:\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f sudo \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1.8.27-1+deb10u3.strelets2\n\n\u0414\u043b\u044f \u041e\u0421 \u0410\u043b\u044c\u0442 8 \u0421\u041f: \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0438\u0437 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 sudo \u0434\u043e 1.8.19p1-2.1+deb9u2 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20200327SE16",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "29.01.2020",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "30.09.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "04.03.2020",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-00855",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-18634",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Enterprise Linux, Ubuntu, SUSE Linux Enterprise, Debian GNU/Linux, Fedora, OpenShift Container Platform, Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), SUSE CaaS Platform, Sudo, \u0410\u043b\u044c\u0442 8 \u0421\u041f (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.5 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Inc. Red Hat Enterprise Linux 6 , Red Hat Inc. Red Hat Enterprise Linux 7 , Canonical Ltd. Ubuntu 16.04 LTS , Novell Inc. SUSE Linux Enterprise Server 12 SP2 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 9 , Canonical Ltd. Ubuntu 18.04 LTS , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Canonical Ltd. Ubuntu 12.04 ESM , Red Hat Inc. Red Hat Enterprise Linux 8 , Canonical Ltd. Ubuntu 14.04 ESM , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 8 , Fedora Project Fedora 31 , Canonical Ltd. Ubuntu 19.10 , Novell Inc. SUSE Linux Enterprise Server 11 SP4 LTSS , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition \u0434\u043b\u044f \u00ab\u042d\u043b\u044c\u0431\u0440\u0443\u0441\u00bb 8.1 \u00ab\u041b\u0435\u043d\u0438\u043d\u0433\u0440\u0430\u0434\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211611156), Fedora Project Fedora 32 , Red Hat Inc. Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions , \u0410\u041e \u00ab\u0418\u0412\u041a\u00bb \u0410\u043b\u044c\u0442 8 \u0421\u041f -  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164305), \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 stdin getln \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Sudo, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0417\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430 (CWE-787)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 stdin getln \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Sudo \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://nvd.nist.gov/vuln/detail/CVE-2019-18634\nhttps://lists.debian.org/debian-lts-announce/2020/02/msg00002.html\nhttps://usn.ubuntu.com/4263-1/\nhttps://usn.ubuntu.com/4263-2/\nhttps://www.sudo.ws/alerts/pwfeedback.html\nhttps://www.suse.com/security/cve/CVE-2019-18634/\nhttps://access.redhat.com/security/cve/CVE-2019-18634\nhttps://wiki.astralinux.ru/astra-linux-se81-bulletin-20200429SE81\nhttps://wiki.astralinux.ru/astra-linux-se15-bulletin-20201201SE15\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023\nhttps://altsp.su/obnovleniya-bezopasnosti/\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20220829SE16",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-787",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,2)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)"
}

CVE-2019-18634 (GCVE-0-2019-18634)

Vulnerability from cvelistv5 – Published: 2020-01-29 17:23 – Updated: 2024-08-05 01:54

Summary

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://support.apple.com/kb/HT210919	x_refsource_CONFIRM
	https://seclists.org/bugtraq/2020/Jan/44	mailing-listx_refsource_BUGTRAQ
	https://www.sudo.ws/security.html	x_refsource_MISC
	https://www.sudo.ws/alerts/pwfeedback.html	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2020/01/30/6	mailing-listx_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2020/01/31/1	mailing-listx_refsource_MLIST
	http://seclists.org/fulldisclosure/2020/Jan/40	mailing-listx_refsource_FULLDISC
	https://www.debian.org/security/2020/dsa-4614	vendor-advisoryx_refsource_DEBIAN
	https://lists.debian.org/debian-lts-announce/2020…	mailing-listx_refsource_MLIST
	https://seclists.org/bugtraq/2020/Feb/3	mailing-listx_refsource_BUGTRAQ
	https://seclists.org/bugtraq/2020/Feb/2	mailing-listx_refsource_BUGTRAQ
	http://packetstormsecurity.com/files/156174/Slack…	x_refsource_MISC
	http://packetstormsecurity.com/files/156189/Sudo-…	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2020/02/05/2	mailing-listx_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2020/02/05/5	mailing-listx_refsource_MLIST
	https://usn.ubuntu.com/4263-1/	vendor-advisoryx_refsource_UBUNTU
	https://security.netapp.com/advisory/ntap-2020021…	x_refsource_CONFIRM
	https://usn.ubuntu.com/4263-2/	vendor-advisoryx_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2020:0487	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2020:0509	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2020:0540	vendor-advisoryx_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://access.redhat.com/errata/RHSA-2020:0726	vendor-advisoryx_refsource_REDHAT
	https://security.gentoo.org/glsa/202003-12	vendor-advisoryx_refsource_GENTOO
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T01:54:14.581Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT210919"
          },
          {
            "name": "20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2020/Jan/44"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.sudo.ws/security.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.sudo.ws/alerts/pwfeedback.html"
          },
          {
            "name": "[oss-security] 20200130 CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/01/30/6"
          },
          {
            "name": "[oss-security] 20200131 Re: CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/01/31/1"
          },
          {
            "name": "20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2020/Jan/40"
          },
          {
            "name": "DSA-4614",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2020/dsa-4614"
          },
          {
            "name": "[debian-lts-announce] 20200201 [SECURITY] [DLA 2094-1] sudo security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00002.html"
          },
          {
            "name": "20200203 [slackware-security] sudo (SSA:2020-031-01)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2020/Feb/3"
          },
          {
            "name": "20200203 [SECURITY] [DSA 4614-1] sudo security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2020/Feb/2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html"
          },
          {
            "name": "[oss-security] 20200205 Re: CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/02/05/2"
          },
          {
            "name": "[oss-security] 20200205 Re: CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/02/05/5"
          },
          {
            "name": "USN-4263-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4263-1/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20200210-0001/"
          },
          {
            "name": "USN-4263-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4263-2/"
          },
          {
            "name": "RHSA-2020:0487",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0487"
          },
          {
            "name": "RHSA-2020:0509",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0509"
          },
          {
            "name": "RHSA-2020:0540",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0540"
          },
          {
            "name": "openSUSE-SU-2020:0244",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00029.html"
          },
          {
            "name": "FEDORA-2020-8b563bc5f4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
          },
          {
            "name": "RHSA-2020:0726",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0726"
          },
          {
            "name": "GLSA-202003-12",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202003-12"
          },
          {
            "name": "FEDORA-2020-7c1b270959",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-03-16T23:06:02.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT210919"
        },
        {
          "name": "20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2020/Jan/44"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.sudo.ws/security.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.sudo.ws/alerts/pwfeedback.html"
        },
        {
          "name": "[oss-security] 20200130 CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/01/30/6"
        },
        {
          "name": "[oss-security] 20200131 Re: CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/01/31/1"
        },
        {
          "name": "20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2020/Jan/40"
        },
        {
          "name": "DSA-4614",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2020/dsa-4614"
        },
        {
          "name": "[debian-lts-announce] 20200201 [SECURITY] [DLA 2094-1] sudo security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00002.html"
        },
        {
          "name": "20200203 [slackware-security] sudo (SSA:2020-031-01)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2020/Feb/3"
        },
        {
          "name": "20200203 [SECURITY] [DSA 4614-1] sudo security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2020/Feb/2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html"
        },
        {
          "name": "[oss-security] 20200205 Re: CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/02/05/2"
        },
        {
          "name": "[oss-security] 20200205 Re: CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/02/05/5"
        },
        {
          "name": "USN-4263-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4263-1/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20200210-0001/"
        },
        {
          "name": "USN-4263-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4263-2/"
        },
        {
          "name": "RHSA-2020:0487",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0487"
        },
        {
          "name": "RHSA-2020:0509",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0509"
        },
        {
          "name": "RHSA-2020:0540",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0540"
        },
        {
          "name": "openSUSE-SU-2020:0244",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00029.html"
        },
        {
          "name": "FEDORA-2020-8b563bc5f4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
        },
        {
          "name": "RHSA-2020:0726",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0726"
        },
        {
          "name": "GLSA-202003-12",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202003-12"
        },
        {
          "name": "FEDORA-2020-7c1b270959",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-18634",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.apple.com/kb/HT210919",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT210919"
            },
            {
              "name": "20200129 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2020/Jan/44"
            },
            {
              "name": "https://www.sudo.ws/security.html",
              "refsource": "MISC",
              "url": "https://www.sudo.ws/security.html"
            },
            {
              "name": "https://www.sudo.ws/alerts/pwfeedback.html",
              "refsource": "CONFIRM",
              "url": "https://www.sudo.ws/alerts/pwfeedback.html"
            },
            {
              "name": "[oss-security] 20200130 CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/01/30/6"
            },
            {
              "name": "[oss-security] 20200131 Re: CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/01/31/1"
            },
            {
              "name": "20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2020/Jan/40"
            },
            {
              "name": "DSA-4614",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2020/dsa-4614"
            },
            {
              "name": "[debian-lts-announce] 20200201 [SECURITY] [DLA 2094-1] sudo security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2020/02/msg00002.html"
            },
            {
              "name": "20200203 [slackware-security] sudo (SSA:2020-031-01)",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2020/Feb/3"
            },
            {
              "name": "20200203 [SECURITY] [DSA 4614-1] sudo security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2020/Feb/2"
            },
            {
              "name": "http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html"
            },
            {
              "name": "http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html"
            },
            {
              "name": "[oss-security] 20200205 Re: CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/02/05/2"
            },
            {
              "name": "[oss-security] 20200205 Re: CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/02/05/5"
            },
            {
              "name": "USN-4263-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4263-1/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20200210-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20200210-0001/"
            },
            {
              "name": "USN-4263-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4263-2/"
            },
            {
              "name": "RHSA-2020:0487",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0487"
            },
            {
              "name": "RHSA-2020:0509",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0509"
            },
            {
              "name": "RHSA-2020:0540",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0540"
            },
            {
              "name": "openSUSE-SU-2020:0244",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00029.html"
            },
            {
              "name": "FEDORA-2020-8b563bc5f4",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
            },
            {
              "name": "RHSA-2020:0726",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0726"
            },
            {
              "name": "GLSA-202003-12",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202003-12"
            },
            {
              "name": "FEDORA-2020-7c1b270959",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-18634",
    "datePublished": "2020-01-29T17:23:26.000Z",
    "dateReserved": "2019-10-30T00:00:00.000Z",
    "dateUpdated": "2024-08-05T01:54:14.581Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2020-00855

CVE-2019-18634 (GCVE-0-2019-18634)

Tags

Sightings

Nomenclature