7.8 CVE-2019-12937



apps/gsudo.c in gsudo in ToaruOS through 1.10.9 has a buffer overflow allowing local privilege escalation to the root user via the DISPLAY environment variable.


CWE-787 : Out-of-bounds Write
Typically, this can result in corruption of data, a crash, or code execution. The software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.




cpe start end
Configuration 1
cpe:2.3:o:toaruos_project:toaruos:*:*:*:*:*:*:*:* <= 1.10.9


id description date
No known exploits


id description severity
No entry

Sherlock® flash

Take a picture of your computer network in a few clicks !

The Sherlock® flash audit solution allows you to perform an audit to strengthen the security of your IT assets. Vulnerability analysis of your physical and virtual equipment. Patch planning by priority level and time available. Detailed and intuitive reporting.

Discover this offer

Sherlock® flash: 1st instant cybersecurity audit solution