Description
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c.

| Release | Status | Note |
|---|---|---|
| bionic | released | 1.8.21p2-3ubuntu1.2 |
| devel | released | 1.8.31-1ubuntu1 |
| eoan | released | 1.8.27-1ubuntu4.1 |
| esm-infra-legacy/trusty | released | 1.8.9p5-1ubuntu1.5+esm3 |
| esm-infra/bionic | released | 1.8.21p2-3ubuntu1.2 |
| esm-infra/xenial | released | 1.8.16-0ubuntu1.9 |
| precise/esm | not-affected | 1.8.3p1-1ubuntu3.9 |
| trusty | ignored | end of standard support |
| trusty/esm | released | 1.8.9p5-1ubuntu1.5+esm3 |
| upstream | released | 1.8.31 |

CVSS2: 4.6 Medium
CVSS3: 7.8 High