A vulnerability in Sudo, a command utility for Linux, could allow a user to execute commands as a root user even if that root access has been specifically disallowed. The bug (CVE-2019-14287) allows attackers to circumvent this built-in security option to block root access for specified users. Sudo patched the vulnerability with the release of version 1.8.28, which Linux distributions will now need to roll out to their users. The vulnerability, discovered by Joe Vennix of Apple Information Security, can be exploited by specifying the user ID of the person executing commands to be -1 or 4294967295
Source: https://threatpost.com/sudo-bug-root-access-linux/149169/