#21802 closed enhancement (fixed)
sudo-1.9.17p1
| Reported by: | Joe Locash | Owned by: | Bruce Dubbs |
|---|---|---|---|
| Priority: | elevated | Milestone: | 12.4 |
| Component: | BOOK | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: | | | |
Description
This version fixes two CVEs which could allow for elevated privileges.
CVE-2025-32462: sudo local privilege escalation via host option
CVE-2025-32463: sudo local privilege escalation via chroot option
Change History (6)
comment:1 by , 7 months ago
| Priority: | elevated → high |
|---|
comment:2 by , 7 months ago
| Priority: | high → elevated |
|---|
Back to elevated. The exploit is only possible with custom sudoers rules we don't demonstrate in the book.
comment:3 by , 7 months ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:4 by , 7 months ago
What's new in Sudo 1.9.17p1
- Fixed CVE-2025-32462. Sudo's -h (--host) option could be specified when running a command or editing a file. This could enable a local privilege escalation attack if the sudoers file allows the user to run commands on a different host.
- Fixed CVE-2025-32463. An attacker can leverage sudo's -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file. The chroot support has been deprecated and will be removed entirely in a future release.
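The two preconditions named in the release notes above (an unpatched sudo, and sudoers rules scoped to some host other than the local one, which is what makes -h/--host exploitable) can be checked from a shell. The script below is an added audit helper written for this ticket page; it is not code from the ticket, the book, or the sudo project. The sudoers text it scans is constructed sample data, the function names are my own, and the version parsing assumes the usual "Sudo version X.Y.ZpN" first line of `sudo -V`.

```shell
#!/bin/sh
# Added audit helper (not from the ticket or the sudo project). It checks the
# two preconditions in the 1.9.17p1 release notes: an unpatched sudo (both
# CVEs) and sudoers rules granted on a host other than the local one, which
# is what makes the -h/--host option exploitable (CVE-2025-32462).

FIXED_VERSION=1.9.17p1

# version_lt A B: true when A sorts before B. A "pN" patch suffix is treated
# as a fourth numeric component, so 1.9.17 < 1.9.17p1 < 1.9.18.
version_lt() {
  a=$(printf '%s' "$1" | sed 's/p/./')
  b=$(printf '%s' "$2" | sed 's/p/./')
  i=1
  while [ "$i" -le 4 ]; do
    x=$(printf '%s' "$a" | cut -d. -f"$i"); x=${x:-0}
    y=$(printf '%s' "$b" | cut -d. -f"$i"); y=${y:-0}
    [ "$x" -lt "$y" ] && return 0
    [ "$x" -gt "$y" ] && return 1
    i=$((i + 1))
  done
  return 1
}

# sudo_is_vulnerable: true when the installed sudo predates the fix.
# Assumes the first line of 'sudo -V' reads "Sudo version 1.9.16p2".
sudo_is_vulnerable() {
  command -v sudo >/dev/null 2>&1 || return 1
  v=$(sudo -V 2>/dev/null | sed -n '1s/^Sudo version //p')
  [ -n "$v" ] || return 1
  version_lt "$v" "$FIXED_VERSION"
}

# foreign_host_rules FILE LOCALHOST: print every rule in FILE whose host list
# contains anything other than ALL or LOCALHOST. A Host_Alias name is reported
# as foreign because it names other machines. Simplifications: text after '#'
# is dropped, so #include lines and '#uid' users are skipped, and included
# directories are not followed.
foreign_host_rules() {
  file=$1
  local_host=$2
  sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$file" |
  grep -v -E '^[[:space:]]*(Defaults|Host_Alias|User_Alias|Runas_Alias|Cmnd_Alias)' |
  while IFS= read -r line; do
    lhs=${line%%=*}          # "user host[,host...]" before the first '='
    set -- $lhs
    [ $# -ge 2 ] || continue
    shift                    # drop the user/group field, leaving the host list
    for h in $(printf '%s' "$*" | tr -d ' ' | tr ',' ' '); do
      case "$h" in
        ALL|"$local_host") ;;
        *) printf '%s\n' "$line"; break ;;
      esac
    done
  done
}

# count_foreign_host_rules FILE LOCALHOST: number of rules flagged above.
count_foreign_host_rules() {
  foreign_host_rules "$1" "$2" | wc -l | tr -d ' '
}

# write_sample_sudoers PATH: constructed sample, not taken from any system.
write_sample_sudoers() {
  cat >"$1" <<'EOF'
# constructed sample sudoers for the audit script
Defaults        env_reset
Host_Alias      BUILDERS = build01, build02
root            ALL=(ALL:ALL) ALL
%wheel          ALL=(ALL) ALL
alice           build01=(root) /usr/bin/systemctl restart nginx
bob             BUILDERS=(root) NOPASSWD: /usr/bin/make
carol           workstation=(root) /usr/bin/apt
EOF
}

if sudo_is_vulnerable; then
  echo "installed sudo is older than $FIXED_VERSION: update (CVE-2025-32462, CVE-2025-32463)"
fi
sample=$(mktemp)
write_sample_sudoers "$sample"
echo "sample rules granted on hosts other than 'workstation':"
foreign_host_rules "$sample" workstation   # reports alice and bob, not carol
rm -f "$sample"
```

Run against a real system, point `foreign_host_rules` at /etc/sudoers (as root) and pass `$(hostname)`; any rule it prints is one the -h option could have been used against before 1.9.17p1. The chroot issue (CVE-2025-32463) has no sudoers precondition, so the version check alone decides that one.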
comment:5 by , 7 months ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
Fixed at commits
- 25c91eb12a Update to sudo-1.9.17p1.
- b9673fe39b Update to LVM2.2.03.33.
- 1013670482 Update to libqalculate-5.6.0.
- 1f113a6384 Add info about failing libqalculate tests.
- 7ae289ba19 Update to taglib-2.1.1.
- 38645cdc23 Update to SPIRV-LLVM-Translator-20.1.4.
Raise to high as at least one of them is trivially exploitable.