r4j0x00 / exploits

Unable to duplicate CVE-2021-3156 on 20.04

killyp opened this issue · comments

Can you try the other exploit and check if that works? The one-shot exploit didn't work for a few people, but the other exploit works for most.

Also, if you could post the md5sums for the shared libraries linked with sudo, it would be helpful.

image

^^ MD5s of linked libraries of sudo.

And the other exploit didn't work either. I will look into both more later to figure out why they aren't working.

MD5s in text form.

And the other exploit didn't work either.

Is the other exploit creating directories as root? If it is, then it will work and you just have to adjust the sleep time.

A few of the directories are root, but the vast majority are made by the user.

image

If most dirs are owned by root, decrease the sleep; otherwise, increase it.

Tinkered with the sleep a bit. It changes how many dirs are owned by root but the exploit still failed each time. I will investigate it some later when I have more time.