CVE ID
CVE-2017-1000368
DESCRIPTION
It was found that the original fix for CVE-2017-1000367 was incomplete. A flaw
was found in the way sudo parsed tty information from the process status file
in the proc filesystem. A local user with privileges to execute commands via
sudo could use this flaw to escalate their privileges to root.
CVSS3 Base Score 7.3
Related CVEs: CVE-2017-1000367
RESOLUTION
Fixed in latest Unitrends security update with
sudo-1.8.6p3-29.el6_9