CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems (thehackernews.com)
from kid@sh.itjust.works to cybersecurity@sh.itjust.works on 01 Oct 15:32
https://sh.itjust.works/post/47117897

#cybersecurity


CubitOom@infosec.pub on 01 Oct 16:02

This vulnerability could allow a local attacker to leverage sudo’s -R (–chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.

original_reader@lemmy.zip on 01 Oct 18:01

The vulnerability in question is CVE-2025-32463 (CVSS score: 9.3), which affects Sudo versions prior to 1.9.17p1.

Check your version: sudo --version

As mentioned above, sudo version 1.9.17p1 patches this. This version was already released in June of this year, so many distributions should have it.

perishthethought@piefed.social on 01 Oct 18:57

On Ubuntu 24.04

Sudo version 1.9.15p5

Eep!

sem@lemmy.blahaj.zone on 02 Oct 00:13

Wait, shouldn’t Ubuntu 24.04 LTS get security bugfixes?

SSUPII@sopuli.xyz on 02 Oct 11:43

It does. In fact it is fixed.

All decent LTS/stable distros will cherry-pick security fixes into whatever version they stabilized on themselves.

GJdan@programming.dev on 02 Oct 08:44

It should be backported in supported Ubuntu versions.

sudo apt changelog sudo


> sudo (1.9.15p5-3ubuntu5.24.04.1) noble-security; urgency=medium
>
>   * SECURITY UPDATE: Local Privilege Escalation via host option
>     - debian/patches/CVE-2025-32462.patch: only allow specifying a host
>       when listing privileges.
>     - CVE-2025-32462
>   * SECURITY UPDATE: Local Privilege Escalation via chroot option
>     - debian/patches/CVE-2025-32463.patch: remove user-selected root
>       directory chroot option.
>     - CVE-2025-32463
>
>  -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 25 Jun 2025 08:42:53 -0400

fmstrat@lemmy.nowsci.com on 02 Oct 09:36

p5. The patch was backported.
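The two checks discussed above (compare `sudo --version` against 1.9.17p1, and look for the CVE id in the distro changelog when the version is older) combined into one script. This is an added example written for this page, not code from the thread, from Ubuntu or from the sudo project. It assumes sudo's major.minor.patch[pN] version scheme and that `apt changelog` (Debian/Ubuntu) or `rpm -q --changelog` (RPM-based) is available for the live check; the sample inputs are constructed to look like the real outputs.

```sh
#!/bin/sh
# Added example (not from the thread or the sudo project): decide whether an
# installed sudo carries the CVE-2025-32463 fix. The upstream version alone is
# not enough on LTS distros, which backport the patch without bumping the
# version (Ubuntu 24.04 ships 1.9.15p5 with the fix), so an older version is
# only called vulnerable when the package changelog does not name the CVE.

FIXED_UPSTREAM="1.9.17p1"   # first upstream release with the fix
CVE_ID="CVE-2025-32463"

# Constructed sample inputs, shaped like `sudo --version` and `apt changelog`.
SAMPLE_UBUNTU_VERSION="Sudo version 1.9.15p5
Sudoers policy plugin version 1.9.15p5"
SAMPLE_UBUNTU_CHANGELOG="sudo (1.9.15p5-3ubuntu5.24.04.1) noble-security; urgency=medium
  * SECURITY UPDATE: Local Privilege Escalation via chroot option
    - CVE-2025-32463"
SAMPLE_ARCH_VERSION="Sudo version 1.9.17p1"
SAMPLE_OLD_VERSION="Sudo version 1.9.15p5"

# Turn "1.9.15p5" into a zero-padded integer key (1009015005) so that
# major.minor.patch[pN] compares numerically; a missing pN counts as 0.
version_key() {
    printf '%s\n' "$1" |
        awk -F'[^0-9]+' '{ printf "%d%03d%03d%03d\n", $1, $2, $3, ($4 == "" ? 0 : $4) }'
}

# True if sudo version $1 is at least version $2.
version_ge() {
    [ "$(version_key "$1")" -ge "$(version_key "$2")" ]
}

# Pull the bare version out of the "Sudo version ..." line of `sudo --version`.
parse_sudo_version() {
    printf '%s\n' "$1" | sed -n 's/^Sudo version \([0-9][0-9.p]*\).*$/\1/p' | head -n 1
}

# Classify the host: prints fixed-upstream, fixed-backport, vulnerable or unknown.
# $1 = text of `sudo --version`, $2 = text of the package changelog (may be empty).
# Exit status 0 means fixed, 1 vulnerable, 2 could not tell.
assess_sudo() {
    ver=$(parse_sudo_version "$1")
    if [ -z "$ver" ]; then
        echo "unknown"; return 2
    fi
    if version_ge "$ver" "$FIXED_UPSTREAM"; then
        echo "fixed-upstream"; return 0
    fi
    if printf '%s\n' "$2" | grep -qF "$CVE_ID"; then
        echo "fixed-backport"; return 0
    fi
    echo "vulnerable"; return 1
}

# Live check of this host when run as `sh check-sudo.sh --live`. If neither
# changelog command is available the changelog stays empty and the decision
# falls back to the version number alone.
if [ "${1-}" = "--live" ]; then
    sv=$(sudo --version 2>/dev/null || true)
    cl=$(apt changelog sudo 2>/dev/null || rpm -q --changelog sudo 2>/dev/null || true)
    assess_sudo "$sv" "$cl"
fi
```

A host reporting 1.9.15p5 with the Ubuntu changelog above classifies as fixed-backport, the Arch 1.9.17p1 build as fixed-upstream, and 1.9.15p5 with no changelog evidence as vulnerable. The changelog grep is the weak half of the check: it proves the packager intended to ship the fix, not that the running binary is the patched one, so after a package update still confirm the sudo process has been restarted where relevant and that no locally built sudo shadows the distro package on PATH.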

HubertManne@piefed.social on 01 Oct 20:17

It's funny because whenever I hear about something like this with FOSS it tends to be this way, but when it's proprietary I hear about how they were informed a while back, never patched it, and the finder of the bug is now disclosing based on the timetable they gave them. Feels that way anyway.

Cyber@feddit.uk on 02 Oct 05:41

Thanks for posting the version.

Looks like Arch updated to this version on 1st July.

My DMZ node had it installed a week later, so I'm all smug today.

z3rOR0ne@lemmy.ml on 01 Oct 19:43

Laughs in opendoas

eleijeep@piefed.social on 01 Oct 21:14

nice meme

caseyweederman@lemmy.ca on 02 Oct 00:22

Ah yes. Security through obscurity.

9488fcea02a9@sh.itjust.works on 02 Oct 12:24

I tried using the systemd alternative, run0 or whatever... it's really weird.