Ubuntu Security Notice USN-213-1 - Tavis Ormandy discovered a privilege escalation vulnerability in sudo. On executing shell scripts with sudo, the P4 and SHELLOPTS environment variables were not cleaned properly. If sudo is set up to grant limited sudo privileges to normal users this could be exploited to run arbitrary commands as the target user.
edc8f0c244d39ceb41c3da1b77060c73e66a52308b7156971890553733a48bb9
Local root exploit for sudo versions below 1.6.8p10 that makes use of the environment cleaning flaws with the SHELLOPTS and PS4 variables.
01540d7b6b0b6ee45a0878ef444900d18cdc75c2444c243cfc128279fd8df1b5