Sudo vulnerability

ID USN-3304-1
Type ubuntu
Reporter Ubuntu
Modified 2017-05-30T00:00:00


It was discovered that Sudo did not properly parse the contents of
/proc/[pid]/stat when attempting to determine its controlling tty.
A local attacker in some configurations could possibly use this to
overwrite any file on the filesystem, bypassing intended permissions.