PublicDateAtUSN: 2020-01-31
Candidate: CVE-2019-18634
PublicDate: 2020-01-29 18:15:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18634
 https://www.openwall.com/lists/oss-security/2020/01/30/6
 https://www.openwall.com/lists/oss-security/2020/01/31/1
 https://ubuntu.com/security/notices/USN-4263-1
 https://ubuntu.com/security/notices/USN-4263-2
Description:
 In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can
 trigger a stack-based buffer overflow in the privileged sudo process.
 (pwfeedback is a default setting in Linux Mint and elementary OS; however,
 it is NOT the default for upstream and many other packages, and would exist
 only if enabled by an administrator.) The attacker needs to deliver a long
 string to the stdin of getln() in tgetpass.c.
Ubuntu-Description: 
Notes: 
 mdeslaur> pwfeedback is not enabled in Ubuntu
 mdeslaur> affects 1.7.1 to 1.8.25p1 as it can't be exploited in 1.8.26 to
 mdeslaur> 1.8.30
Mitigation: 
Bugs: 
Priority: low
Discovered-by: Joe Vennix
Assigned-to: mdeslaur
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H [7.8 HIGH]


Patches_sudo:
 upstream: https://github.com/sudo-project/sudo/commit/fa8ffeb17523494f0e8bb49a25e53635f4509078
upstream_sudo: released (1.8.31)
precise/esm_sudo: released (1.8.3p1-1ubuntu3.9)
trusty_sudo: ignored (out of standard support)
trusty/esm_sudo: released (1.8.9p5-1ubuntu1.5+esm3)
xenial_sudo: released (1.8.16-0ubuntu1.9)
esm-infra/xenial_sudo: released (1.8.16-0ubuntu1.9)
bionic_sudo: released (1.8.21p2-3ubuntu1.2)
eoan_sudo: released (1.8.27-1ubuntu4.1)
devel_sudo: released (1.8.31-1ubuntu1)