* It was found that the original fix for CVE-2017-1000367 was incomplete.
A flaw was found in the way sudo parsed tty information from the process
status file in the proc filesystem. A local user with privileges to
execute commands via sudo could use this flaw to escalate their privileges
to root. (CVE-2017-1000368)
--