CVE-2019-18634: Buffer Overflow
First published: Tue Jan 28 2020(Updated: )
Apple macOS Catalina is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the privileged sudo process. By sending an overly long string to the stdin of getln() in tgetpass.c., a local attacker could overflow a buffer and execute arbitrary code on the system.
Credit: cve@mitre.org Apple cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sudo Project Sudo | >=1.7.1<1.8.26 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| Debian Debian Linux | =10.0 | |
| debian/sudo | <=1.8.19p1-2.1<=1.8.29-1<=1.8.27-1<=1.8.27-1+deb10u1<=1.8.19p1-2.1+deb9u1 | 1.8.31-1 1.8.27-1+deb10u2 1.8.19p1-2.1+deb9u2 |
| Apple macOS Catalina | <10.15.3 | 10.15.3 |
| Apple Mojave | ||
| Apple High Sierra | ||
| redhat/sudo | <1.8.31 | 1.8.31 |
| IBM Data Risk Manager | <=2.0.6 | |
| debian/sudo | 1.9.5p2-3+deb11u1 1.9.13p3-1+deb12u1 1.9.15p5-3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00029.html
- http://packetstormsecurity.com/files/156174/Slackware-Security-Advisory-sudo-Updates.html
- http://packetstormsecurity.com/files/156189/Sudo-1.8.25p-Buffer-Overflow.html
- http://seclists.org/fulldisclosure/2020/Jan/40
- http://www.openwall.com/lists/oss-security/2020/01/30/6
- http://www.openwall.com/lists/oss-security/2020/01/31/1
- http://www.openwall.com/lists/oss-security/2020/02/05/2
- http://www.openwall.com/lists/oss-security/2020/02/05/5
- https://access.redhat.com/errata/RHSA-2020:0487
- https://access.redhat.com/errata/RHSA-2020:0509
- https://access.redhat.com/errata/RHSA-2020:0540
- https://access.redhat.com/errata/RHSA-2020:0726
- https://lists.debian.org/debian-lts-announce/2020/02/msg00002.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/
- https://seclists.org/bugtraq/2020/Feb/2
- https://seclists.org/bugtraq/2020/Feb/3
- https://seclists.org/bugtraq/2020/Jan/44
- https://security.gentoo.org/glsa/202003-12
- https://security.netapp.com/advisory/ntap-20200210-0001/
- https://support.apple.com/kb/HT210919
- https://usn.ubuntu.com/4263-1/
- https://usn.ubuntu.com/4263-2/
- https://www.debian.org/security/2020/dsa-4614
- https://www.sudo.ws/alerts/pwfeedback.html
- https://www.sudo.ws/security.html
- https://security-tracker.debian.org/tracker/CVE-2019-18634
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18634
- https://www.openwall.com/lists/oss-security/2020/01/30/6
- https://github.com/sudo-project/sudo/commit/fa8ffeb17523494f0e8bb49a25e53635f4509078
- https://www.openwall.com/lists/oss-security/2020/01/31/1
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950371
- https://support.apple.com/en-us/HT210919 (Advisory)
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1796945
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1798531
- https://access.redhat.com/security/cve/cve-2019-18634
- https://bugzilla.redhat.com/show_bug.cgi?id=1796944
- https://exchange.xforce.ibmcloud.com/vulnerabilities/175358
- https://www.ibm.com/support/pages/node/6335281 (Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/
- https://github.com/sudo-project/sudo/commit/b5d2010b6514ff45693509273bb07df3abb0bf0a
- https://github.com/sudo-project/sudo/commit/ab2cba0f5d8b286e8e52c06076efd32434f538ae
- https://www.openwall.com/lists/oss-security/2020/02/05/2
- https://launchpad.net/bugs/cve/CVE-2019-18634
- https://nvd.nist.gov/vuln/detail/CVE-2019-18634
- https://ubuntu.com/security/CVE-2019-18634
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2020-3877
- CVE-2019-11043
- CVE-2020-3857
- CVE-2020-3866
- CVE-2020-3848
- CVE-2020-3849
- CVE-2020-3850
- CVE-2020-3847
- CVE-2020-3835
- CVE-2020-3863
- CVE-2020-9774
- CVE-2020-3827
- CVE-2020-3826
- CVE-2020-3870
- CVE-2020-3878
- CVE-2020-3880
- CVE-2020-3845
- CVE-2020-3837
- CVE-2020-3851
- CVE-2020-3840
- CVE-2020-3875
- CVE-2020-3872
- CVE-2020-3853
- CVE-2020-3836
- CVE-2020-3842
- CVE-2020-3871
- CVE-2020-3846
- CVE-2020-3856
- CVE-2020-3829
- CVE-2020-3830
- CVE-2020-3854
- CVE-2019-18634
- CVE-2020-3855
- CVE-2020-3839
- CVE-2020-3843
- CVE-2020-3838
Frequently Asked Questions
What is CVE-2019-18634?
CVE-2019-18634 is a vulnerability in sudo that allows for a buffer overflow attack due to memory handling issues.
What software is affected by CVE-2019-18634?
CVE-2019-18634 affects macOS Catalina (up to version 10.15.3), Mojave, and High Sierra.
How can I fix CVE-2019-18634?
To fix CVE-2019-18634, update your Apple macOS to version 10.15.3 or install the latest security updates for Mojave or High Sierra.
What is the severity of CVE-2019-18634?
The severity of CVE-2019-18634 is not specified in the description.
Where can I find more information about CVE-2019-18634?
More information about CVE-2019-18634 can be found at the following reference: [https://support.apple.com/en-us/HT210919](https://support.apple.com/en-us/HT210919)
- collector/nvd-index
- collector/debian-bugs
- alias/CVE-2019-18634
- agent/type
- agent/first-publish-date
- collector/apple-support
- agent/software-canonical-lookup-request
- agent/severity
- agent/weakness
- collector/redhat-bugzilla
- source/Red Hat
- agent/software-canonical-lookup
- collector/ibm-support
- source/IBM
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/remedy
- agent/references
- agent/description
- collector/security-tracker-debian
- source/Debian
- collector/nvd-cve
- source/NVD
- collector/launchpad-cve
- source/Launchpad
- agent/author
- agent/softwarecombine
- agent/tags
- agent/event
- collector/usn-cve
- source/Ubuntu
- vendor/sudo project
- canonical/sudo project sudo
- version/sudo project sudo/1.7.1
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- version/debian debian linux/10.0
- package-manager/debian
- vendor/apple
- canonical/apple macos catalina
- canonical/apple mojave
- canonical/apple high sierra
- package-manager/redhat
- vendor/ibm
- canonical/ibm data risk manager
- version/ibm data risk manager/2.0.6