Researchers at security firm Qualys have discovered a vulnerability in sudo that allows a local attacker on the list of sudoers to gain root privileges on a vulnerable system. Patches are now available.
Qualys describes the vulnerability with attribute CVE-2017-1000367 on the Openwall mailing list. The method works on a system where the SELinux security module is enabled. There, an attacker can overwrite files on the system, including files assigned to root, using a command that does not grant him root privileges. Think of files like /etc/shadow or /etc/sudoers.
Sudo is a component that is intended to grant certain users permissions to run programs with root permissions. This vulnerability allows any user with sudo privileges to elevate their privileges to root. Several distributions have released patches, including Debian, Ubuntu 17.04, 16.10, 16.04 lts and 14.04 lts, and Red Hat. An overview of affected systems is also available. Vulnerable versions of sudo are 1.8.6p7 through 1.8.20. In the various advisories it is recommended to perform an update.