A vulnerability has been discovered in Sudo’s get_process_ttyname() in linux command. this function opens “/proc/[pid]/stat” (man proc) and reads the device number of the tty from field 7 (tty_nr). Unfortunately, these fields are space-separated and field 2 (comm, the filename of the command) can contain spaces (CVE-2017-1000367). How to Fix? This vulnerability affected most...