Medium
Canonical Ubuntu
Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use this issue to bypass configured restrictions and execute arbitrary commands. (CVE-2016-7076)
It was discovered that Sudo did not properly parse the contents of /proc/[pid]/stat when attempting to determine its controlling tty. A local attacker in some configurations could possibly use this to overwrite any file on the filesystem, bypassing intended permissions. (CVE-2017-1000368)
CVEs contained in this USN include: CVE-2016-7076, CVE-2017-1000368
Severity is medium unless otherwise noted.
Users of affected products are strongly encouraged to follow one of the mitigations below: