Post Syndicated from original https://lwn.net/Articles/844257/rss
It would appear that “sudo” has a buffer-overflow vulnerability that allows
any local user to gain root privileges, whether or not they are in the
sudoers file. It has been there since 2011. See this
advisory for details, but perhaps run an update first.