sudo: Privilege escalation - CVE-2017-1000367

Description

A security vulnerability affects the Linux sudo packages.


CVE-2017-1000367 describes a flaw in "the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root."
The flaw was discovered by Qualys Security.

Diagnose

Red Hat provides a script to check whether your "sudo" is affected by the vulnerability.

Fix

You should update the sudo packages to the latest version provided by your distribution's repository as soon as possible. The bug is fixed in sudo 1.8.20p2.
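To triage hosts against the fixed release named above, the following added example (not part of the original post and not Red Hat's script) compares the upstream version printed by `sudo -V` with 1.8.20p2. The function names are hypothetical, and a result of "older" is a prompt to run the vendor's package check, because distributions backport fixes without changing the upstream version string.

```shell
#!/bin/sh
# Added example (not from the original post): flag sudo builds whose upstream
# version is older than 1.8.20p2, the release the post names as fixed.
# Caveat: distributions backport fixes without changing the upstream version,
# so "older" here means "confirm with the vendor's package check".

FIXED_VERSION="1.8.20p2"

# Print "major minor patch plevel" for X.Y.Z or X.Y.ZpN; print nothing otherwise.
# The trailing " 0" supplies plevel when the pN suffix is absent.
split_version() {
    printf '%s\n' "$1" | sed -n -E \
        's/^([0-9]+)\.([0-9]+)\.([0-9]+)(p([0-9]+))?$/\1 \2 \3 \5 0/p'
}

# Return 0 if $1 >= $2, 1 if $1 is older, 2 if either string is unparseable.
version_ge() {
    a=$(split_version "$1"); b=$(split_version "$2")
    [ -n "$a" ] && [ -n "$b" ] || return 2
    set -- $a; a1=$1 a2=$2 a3=$3 a4=$4
    set -- $b
    for pair in "$a1:$1" "$a2:$2" "$a3:$3" "$a4:$4"; do
        x=${pair%%:*}; y=${pair##*:}
        [ "$x" -gt "$y" ] && return 0
        [ "$x" -lt "$y" ] && return 1
    done
    return 0
}

# Upstream version of the sudo on PATH, from the "Sudo version" line of sudo -V.
installed_sudo_version() {
    command -v sudo >/dev/null 2>&1 || return 1
    sudo -V 2>/dev/null | sed -n 's/^Sudo version //p' | head -n 1
}

# Report on the local host; always returns 0 so the file can be sourced safely.
check_installed_sudo() {
    v=$(installed_sudo_version) || { echo "sudo not found on PATH"; return 0; }
    rc=0; version_ge "$v" "$FIXED_VERSION" || rc=$?
    case "$rc" in
        0) echo "sudo $v: at or above $FIXED_VERSION" ;;
        1) echo "sudo $v: older than $FIXED_VERSION, check the vendor package" ;;
        *) echo "sudo $v: unrecognised version format, check manually" ;;
    esac
}

check_installed_sudo
```

The comparison is numeric per component, so 1.8.6p7 sorts below 1.8.20p2 even though a plain string comparison would place it above.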
