
sudo fixes CVE-2019-18634 privilege escalation

A heap overflow in sudo's pwfeedback logic (CVE-2019-18634) allowed local privilege escalation to root on Linux and macOS systems; administrators must update to sudo 1.8.31p2 or vendor equivalents.


Executive briefing: The sudo project released an advisory for CVE-2019-18634, a heap-based overflow in the pwfeedback feature that can lead to local root compromise. The flaw is exploitable even when sudoers policy normally forbids a user from running commands as root, affecting default builds on many Linux distributions when pwfeedback is enabled.

Operator action: Patch to sudo 1.8.31p2 or distribution updates, deploy quickly on shared multi-user hosts, and confirm pwfeedback remains disabled until patched. Hunt for suspicious uses of sudo with unexpected input errors in system logs and monitor for privilege escalation anomalies.
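The two checks in the operator action, sketched as an added example (not code from the sudo project or from this briefing's sources): compare an upstream sudo version against the 1.8.31p2 target and look for Defaults lines that enable pwfeedback. The function names and sample sudoers text are constructed; the comparison assumes upstream version strings of the form N.N.N[pN], so distribution packages with backported fixes must be checked against the vendor bulletin's package version instead.

```shell
#!/bin/sh
# Added example: audit helpers for CVE-2019-18634. Function names are hypothetical.
TARGET="1.8.31p2"   # release this briefing tells operators to reach

# Exit 0 if version $1 >= $2, 1 if older, 2 if either is not N.N.N[pN].
version_at_least() {
  awk -v have="$1" -v want="$2" 'BEGIN {
    re = "^[0-9]+\\.[0-9]+\\.[0-9]+(p[0-9]+)?$"
    if (have !~ re || want !~ re) exit 2
    split(have, h, /[.p]/); split(want, w, /[.p]/)
    for (i = 1; i <= 4; i++) {            # major, minor, patch, pN (missing pN = 0)
      if (h[i] + 0 > w[i] + 0) exit 0
      if (h[i] + 0 < w[i] + 0) exit 1
    }
    exit 0
  }'
}

# Reads sudoers text on stdin. Exit 0 if any Defaults line enables pwfeedback.
# Conservative: a later "Defaults !pwfeedback" does not clear the finding.
pwfeedback_enabled() {
  awk '
    /^[ \t]*Defaults/ {
      line = $0
      sub(/[ \t]*#.*$/, "", line)                    # trailing comment
      sub(/^[ \t]*Defaults[^ \t]*[ \t]*/, "", line)  # keyword plus :user/@host scope
      n = split(line, opt, /[ \t]*,[ \t]*/)
      for (i = 1; i <= n; i++) if (opt[i] ~ /^pwfeedback[ \t]*$/) found = 1
    }
    END { exit (found ? 0 : 1) }'
}

# Constructed sample input, not taken from a real host.
sample_sudoers() {
  cat <<'EOF'
Defaults env_reset
Defaults mail_badpass, pwfeedback
%sudo ALL=(ALL:ALL) ALL
EOF
}

# On a real host: ver=$(sudo -V | sed -n '1s/^Sudo version //p')
# and feed /etc/sudoers plus /etc/sudoers.d/* (readable by root) to pwfeedback_enabled.
ver="1.8.25p1"   # constructed sample version
if sample_sudoers | pwfeedback_enabled && ! version_at_least "$ver" "$TARGET"; then
  echo "FINDING: sudo $ver is below $TARGET and pwfeedback is enabled"
fi
```

The sudoers scan ignores line continuations and does not follow include directives, so run it over every included file as well.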

Sources: Upstream advisory and changelog detail the patch; distribution security bulletins provide package versions and restart guidance.
