An Apple security researcher has found a vulnerability in the sudo utility that could allow arbitrary commands to be executed with administrative privileges on Linux or macOS systems.
Sudo is a core command that is pre-installed on macOS and almost every UNIX or Linux-based operating system. The problem stems from a stack-based buffer overflow in Sudo versions before 1.8.26. It can be exploited when the "pwfeedback" option is enabled in the sudoers configuration file.
You can disable the vulnerable component by changing "Defaults pwfeedback" to "Defaults !pwfeedback" in the sudoers configuration file.
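
To check whether the option is actually switched on, the following added example (not part of the original article or of the sudo project) reads sudoers text on standard input and reports whether any Defaults entry leaves pwfeedback enabled. The function name pwfeedback_state and the sample input are assumptions made for illustration; quoted values and backslash line continuations are not parsed.

```shell
#!/bin/sh
# Added example: report whether "pwfeedback" ends up enabled in sudoers text.
# Reads sudoers content on stdin and prints "enabled" or "disabled".
# Simplification: quoted values and backslash continuations are not parsed.
pwfeedback_state() {
    awk '
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        if (line !~ /^Defaults/) next      # skips comments and rule lines
        sub(/#.*/, "", line)               # drop a trailing comment
        scope = line
        sub(/[ \t].*/, "", scope)          # "Defaults", "Defaults:alice", "Defaults@host", ...
        sub(/^[^ \t]+[ \t]*/, "", line)    # what remains is the comma-separated settings
        n = split(line, opts, ",")
        for (i = 1; i <= n; i++) {
            o = opts[i]
            gsub(/[ \t]/, "", o)
            if (o == "pwfeedback")  on[scope] = 1   # flag set for this scope
            if (o == "!pwfeedback") on[scope] = 0   # a later negation in the same scope wins
        }
    }
    END {
        # Conservative verdict: enabled if any scope (global or per user/host) still has it set.
        result = "disabled"
        for (s in on) if (on[s]) result = "enabled"
        print result
    }
    '
}

# Constructed sample (not taken from a real host): the option is set, then negated.
printf 'Defaults env_reset,pwfeedback\nDefaults !pwfeedback\n' | pwfeedback_state
```

On a real system, pipe in the contents of the sudoers file together with any files it includes; included files are not followed automatically.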