A longstanding hole in the Sudo
privilege-delegation tool that was discovered
in late January is a potent local vulnerability. Exploiting it allows local users
to run code of their choosing as root by way of a bog-standard heap-buffer
overflow. It seems like the kind of bug that might have been found earlier via
code inspection or fuzzing, but it has remained in this security-sensitive
utility since it was introduced in 2011.

Source: LWN.net – [$] A major vulnerability in Sudo