Debian is not affected by the sudo vulnerability because sudo is not installed by default. Ubuntu on the other hand does run sudo.
I first read about it hear: https://www.bleepingcomputer.com/ne...nts-root-access-on-linux-and-other-unix-oses/ BTW would Firejail provide any protection from this exploit?
I think so. First, sudo and su (and other important stuff) are blacklisted in disable-common.inc. Second, seccomp and nonewprivs should prevent privilege escalation. Third, many profiles (e.g. for Firefox) contain noexec ${HOME} and noexec /tmp which means that those folders are mounted noexec, nodev and nosuid so execution of malware should be blocked in the first place.