vulnerability
Arch Linux: Privilege escalation (CVE-2019-18634)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | Jan 29, 2020 | Jul 11, 2025 | Nov 27, 2025 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Jan 29, 2020
Added
Jul 11, 2025
Modified
Nov 27, 2025
Description
A flaw was found in the Sudo before version 1.8.31 application when the ’pwfeedback' option is set to true on the sudoers file. An authenticated user can use this vulnerability to trigger a stack-based buffer overflow under certain conditions even without Sudo privileges. The buffer overflow may allow an attacker to expose or corrupt memory information, crash the Sudo application, or possibly inject code to be run as a root user.
Solution
arch-linux-upgrade-latest
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.