CVE-2019-18634 log

Source
Severity High
Remote No
Type Privilege escalation
Description
A flaw was found in the Sudo before version 1.8.31 application when the ’pwfeedback' option is set to true on the sudoers file. An authenticated user can use this vulnerability to trigger a stack-based buffer overflow under certain conditions even without Sudo privileges. The buffer overflow may allow an attacker to expose or corrupt memory information, crash the Sudo application, or possibly inject code to be run as a root user.
Group Package Affected Fixed Severity Status Ticket
AVG-1093 sudo 1.8.30-1 1.8.31-1 High Fixed
Date Advisory Group Package Severity Description
06 Feb 2020 ASA-202002-2 AVG-1093 sudo High privilege escalation
References
https://www.sudo.ws/alerts/pwfeedback.html
https://www.sudo.ws/repos/sudo/rev/84640592b0ff