This doesn't seem to have been mentioned in the forums yet.
An attacker can leverage sudo’s -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file. Sudo versions 1.9.14 to 1.9.17 inclusive are affected.
CVSS 3 Severity Score: 9.3 - Critical
This and another CVE, with low severity, are fixed in 1.9.17p1:
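
One way to check a host against the version range quoted above, as an added example that is not part of the original post. The function names are hypothetical, the sample versions are constructed, and the only thing assumed about sudo itself is that the first line of `sudo -V` reads `Sudo version X`.

```shell
#!/bin/sh
# Classify a sudo version string against the range quoted in the post:
# 1.9.14 through 1.9.17 affected, 1.9.17p1 fixed.
# Caveat: distributions may backport the fix without changing the upstream
# version string, so read "affected" as "confirm against the vendor advisory".

# Turn "1.9.17p1" into one comparable integer (assumes each field is < 100).
# Prints nothing and fails on anything that is not N.N.N or N.N.NpN.
sudo_version_key() {
    printf '%s\n' "$1" | awk '
        /^[0-9]+\.[0-9]+\.[0-9]+(p[0-9]+)?$/ {
            n = split($0, a, /[.p]/)
            printf "%d\n", a[1]*1000000 + a[2]*10000 + a[3]*100 + (n > 3 ? a[4] : 0)
            found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# Prints one of: affected, not-affected, unknown.
sudo_chroot_status() {
    key=$(sudo_version_key "$1") || { echo unknown; return 0; }
    # 1091400 is 1.9.14, 1091701 is 1.9.17p1 (first fixed release).
    if [ "$key" -ge 1091400 ] && [ "$key" -lt 1091701 ]; then
        echo affected
    else
        echo not-affected
    fi
}

# Version of the locally installed sudo, taken from the first line of `sudo -V`.
installed_sudo_version() {
    sudo -V 2>/dev/null | sed -n '1s/^Sudo version //p'
}

# Constructed sample versions, not taken from any real host.
for v in 1.8.31 1.9.13p3 1.9.14 1.9.15p5 1.9.17 1.9.17p1 1.9.16rc1; do
    printf '%-10s %s\n' "$v" "$(sudo_chroot_status "$v")"
done
```

To check the local machine, call `sudo_chroot_status "$(installed_sudo_version)"`; pre-release strings such as `1.9.16rc1` are reported as `unknown` rather than guessed.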