Search for packages
| purl | pkg:alpm/archlinux/sudo@1.8.30-1 |
| Next non-vulnerable version | 1.8.31-1 |
| Latest non-vulnerable version | 1.9.5.p2-1 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-uzg3-q58h-aaad
Aliases: CVE-2019-18634 |
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-03-28T07:45:53.487252+00:00 | Arch Linux Importer | Affected by | VCID-uzg3-q58h-aaad | https://security.archlinux.org/AVG-1093 | 36.0.0 |
| 2024-12-17T23:21:14.997454+00:00 | Arch Linux Importer | Affected by | VCID-uzg3-q58h-aaad | https://security.archlinux.org/AVG-1093 | 35.0.0 |
| 2024-09-18T02:00:55.988404+00:00 | Arch Linux Importer | Affected by | VCID-uzg3-q58h-aaad | https://security.archlinux.org/AVG-1093 | 34.0.1 |
| 2024-01-10T10:23:56.401621+00:00 | Arch Linux Importer | Affected by | VCID-uzg3-q58h-aaad | https://security.archlinux.org/AVG-1093 | 34.0.0rc2 |
| 2024-01-03T22:27:12.965497+00:00 | Arch Linux Importer | Affected by | VCID-uzg3-q58h-aaad | https://security.archlinux.org/AVG-1093 | 34.0.0rc1 |