I'm aware, but the in the end that's a relatively uncommon configuration, and would still usually require the users password increasing difficulty of exploitation even further.
Not only that, but in my experience people tend to screw up these setups most of the time allowing easy root shells without sudo vulns.
> usually require the users password increasing difficulty of exploitation even further.
Unless the user themselves is the perpetrator. They know their own password and the superuser believes that the system restrictions will grant them only the limited access that they specified.
I will concede that it's not time to panic, but it's a security bug and one that we know about. Let's continue to keep the bar high for successful exploits.
Are you saying that granting limited sudo access to only specific programs is rare? That's the standard way to do it in every large enterprise, you just don't grant sudo all.
Only in the cloud space is the "sudo all nopasswd" a thing (ubuntu user on AWS).
Any of those and many many more allow for trivial jumping to any command as the target user and you're not improving your security posture compared to ALL, though you make some work harder and some mistakes less likely.
I don't know Linux internals enough to be sure, but maybe this bug is a big deal because it would circumvent logging (even remote rsyslog daemons)? I.E. a sudoer could do nasty things on the system while leaving little to no trace?