A flaw exists in sudo’s per-command chroot feature that could result in the variable that stores the command being freed more than once. Sudo versions affected: Sudo versions 1.9.8 through 1.9.13p1 inclusive are affected. Versions of sudo prior to 1.9.8 are not affected. CVE ID: This vulnerability has been assigned CVE-2023-27320 in the Common Vulnerabilities and Exposures database.
