Sudo Python Environment Variable Handling Security Bypass Vulnerability
Sudo is prone to a security-bypass vulnerability that could lead to arbitrary code execution. This issue is due to an error in the application when handling environment variables.
A local attacker with the ability to run Python scripts can exploit this vulnerability to gain access to an interactive Python prompt. That attacker may then execute arbitrary code with elevated privileges, facilitating the complete compromise of affected computers.
An attacker must have the ability to run Python scripts through Sudo to exploit this vulnerability.
This issue is similar to BID 15394 (Sudo Perl Environment Variable Handling Security Bypass Vulnerability).