sudo is vulnerable to a heap-based buffer over-read. The vulnerability exists in the crypt() password backend: plugins/sudoers/auth/passwd.c contains an array-out-of-bounds error that may result in a heap-based buffer over-read. It can be triggered by arbitrary local users with access to sudo by entering a password of seven characters or fewer.
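
The bug class described above, as an added illustration that is not sudo's own code: an unconditional access to a fixed index in a heap-allocated password buffer, shown beside a bounded-copy form. It assumes, which the advisory text does not state, that the fixed index comes from truncating the password to 8 characters for traditional DES crypt(); the names truncate_unchecked, truncate_bounded and DES_PASS_MAX are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define DES_PASS_MAX 8 /* assumption: traditional DES crypt() uses only 8 characters */

/* Before (hypothetical): truncate in place by touching index 8 unconditionally.
 * A password of n <= 7 characters occupies n + 1 heap bytes, so pass[8] lies
 * outside the allocation. Only valid when strlen(pass) >= 8. */
char truncate_unchecked(char *pass)
{
    char saved = pass[DES_PASS_MAX]; /* over-read for short passwords */
    pass[DES_PASS_MAX] = '\0';
    return saved;                    /* caller would restore pass[8] afterwards */
}

/* After: bounded copy into a fixed 9-byte buffer. The loop stops at the
 * terminator, so no byte past the end of the input is ever read. */
size_t truncate_bounded(const char *pass, char out[DES_PASS_MAX + 1])
{
    size_t i;
    for (i = 0; i < DES_PASS_MAX && pass[i] != '\0'; i++)
        out[i] = pass[i];
    out[i] = '\0';
    return i;
}

int main(void)
{
    /* Constructed sample inputs, heap-allocated like a typed password. */
    const char *samples[] = { "abc", "1234567", "12345678", "correcthorse" };
    char out[DES_PASS_MAX + 1];

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        size_t len = strlen(samples[i]);
        char *pass = malloc(len + 1);
        if (pass == NULL)
            return 1;
        memcpy(pass, samples[i], len + 1);
        size_t n = truncate_bounded(pass, out);
        printf("%-14s -> %-8s (%zu kept, index 8 %s)\n", samples[i], out, n,
               len >= DES_PASS_MAX ? "in bounds" : "out of bounds");
        free(pass);
    }
    /* The unchecked form is exercised only on an input long enough to be valid. */
    char longpass[] = "correcthorse";
    printf("saved byte: %c\n", truncate_unchecked(longpass));
    return 0;
}
```

Building the unchecked form with -fsanitize=address and a short heap-allocated input is a quick way to confirm this kind of over-read during testing.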