Posted on Leave a comment

CVE-2019-12937

apps/gsudo.c in gsudo in ToaruOS through 1.10.9 has a buffer overflow allowing local privilege escalation to the root user via the DISPLAY environment variable.

What are your thoughts?