Sudo Vulnerability (CVE-2019-18634) could allow low privileged users or malicious programs to execute arbitrary commands with administrative (‘root’) privileges. The vulnerability can only be exploited when the “pwfeedback” option is enabled in the “sudoers” configuration file. Apple has also released a patch update for the vulnerable Sudo version 1.8.31 with a patch. The bug can be reproduced by passing a large input to the command via a pipe when it prompts for a password.
Source: https://thehackernews.com/2020/02/sudo-linux-vulnerability.html