sudo allows a system administrator to give users the ability to run commands as other users.
The sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process.
The improper processing of user's environment variables could lead to the editing of arbitrary files as root, potentially leading to root privilege escalation.
There is no known workaround at this time.
All sudo users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/sudo-1.9.12_p2"