Linux Sudo Vulnerability (CVE-2019-18634)


Overview

Linux Sudo Vulnerability (CVE-2019-18634): “In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process.”

Description

Sudo is one of the most important, powerful and commonly used utilities, and it comes pre-installed as a core command on almost every Linux-based operating system. The sudo program allows users to run programs with the security privileges of another user, by default the superuser.

In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.)

The Linux Sudo vulnerability (CVE-2019-18634) can be triggered even by users who are not listed in the sudoers file. Exploitation works by passing a large input to sudo via a pipe when it prompts for a password.

Impact

An attacker can trigger a stack-based buffer overflow in the privileged sudo process.

Impact Summary

Category: Buffer Overflow (Stack-Based)
CVSS 3.1 Base Score: 7.8 High
CVSS 3.1 Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Solution (Patch/Workaround)

To defend against possible attacks that use the Linux Sudo vulnerability, check the sudoers configuration file and reconfigure it securely by changing “Defaults pwfeedback” to “Defaults !pwfeedback”.

To determine whether a sudoers configuration is affected, run the “sudo -l” command in a Linux or macOS terminal and check whether the “pwfeedback” option is enabled.
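The check and the workaround above can be scripted for an audit. The following is an added example, not code from the sudo project or from this article: it reads the text of `sudo -V` and of a sudoers file, resolves the final pwfeedback state per Defaults scope (later entries override earlier ones), and applies the "before 1.8.26" bound quoted above. The function names and the sample input are hypothetical, and `#include` / `#includedir` files are assumed to be checked separately.

```python
import re

FIXED_IN = (1, 8, 26)  # bound taken from the advisory text: "In Sudo before 1.8.26"

# Constructed sample sudoers content (not taken from a real host).
SAMPLE_SUDOERS = (
    "Defaults env_reset, \\\n"
    "    pwfeedback          # asterisks at the prompt\n"
    "Defaults:backup !pwfeedback\n"
    "#Defaults !pwfeedback\n"
)

def sudo_version(sudo_v_output):
    """Extract (major, minor, patch) from `sudo -V` output, ignoring a pN suffix."""
    m = re.search(r"Sudo version (\d+)\.(\d+)\.(\d+)", sudo_v_output)
    if not m:
        raise ValueError("no sudo version found")
    return tuple(int(g) for g in m.groups())

def pwfeedback_scopes(sudoers_text):
    """Map each Defaults scope ('' = global) to its final pwfeedback state."""
    state = {}
    text = re.sub(r"\\\n", "", sudoers_text)          # join continued lines
    for line in text.splitlines():
        line = re.sub(r'"[^"]*"', '""', line)         # ignore quoted values
        line = re.sub(r"(^|\s)#.*$", "", line)        # drop comments
        m = re.match(r"\s*Defaults([:@>!]\S+)?\s+(.*)$", line)
        if not m:
            continue
        scope = m.group(1) or ""
        for item in m.group(2).split(","):
            flag = re.fullmatch(r"\s*(!?)\s*pwfeedback\s*", item)
            if flag:
                state[scope] = flag.group(1) != "!"   # later entries override
    return state

def exposed(sudo_v_output, sudoers_text):
    """True if the version is below the bound and any scope leaves pwfeedback on."""
    old = sudo_version(sudo_v_output) < FIXED_IN
    return old and any(pwfeedback_scopes(sudoers_text).values())

if __name__ == "__main__":
    print(pwfeedback_scopes(SAMPLE_SUDOERS))
    print(exposed("Sudo version 1.8.21p2\n", SAMPLE_SUDOERS))
```

A distribution package can carry a backported fix under an older version string, so a positive result from the version comparison should be confirmed against the vendor's package advisory.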

