Sudo local privilege escalation vulnerabilities fixed (helpnetsecurity.com)
10 points by maxloh 3 days ago
baobun 3 days ago
CVE-2025-32463 looks bad. Systems with sudo versions 1.9.14 to 1.9.17 and support for /etc/nsswitch.conf (that's most modern dists) allow users not even in sudoers to acquire root by sudo --chroot on a chroot they can write into.
https://seclists.org/oss-sec/2025/q2/288
The --chroot flag is now deprecated. I guess there must be a few build systems affected by that.
BTW is the CSS on TFA making the text unreadably low contrast for others too?
Readable: https://www.stratascale.com/vulnerability-alert-CVE-2025-324...
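
A version check against the range quoted in the comment above, as an added example that is not part of the thread or of the sudo project. The function names are hypothetical, and treating 1.9.17p1 and later as outside the range is an assumption taken from the upstream fix release, not from the comment.

```shell
#!/bin/sh
# Added example (constructed). Range 1.9.14..1.9.17 is the one quoted in the
# comment above; treating 1.9.17p1 and later as fixed is an assumption.

# sudo_ver_key VERSION: print "MAJOR MINOR MICRO PATCH"; return 1 if unparsable.
sudo_ver_key() {
    ver=$1 patch=0
    case $ver in
        *p[0-9]*) patch=${ver##*p}; ver=${ver%p*} ;;   # 1.9.15p5 -> 1.9.15 + 5
    esac
    case $ver in ''|*[!0-9.]*) return 1 ;; esac         # rc/beta tags, junk
    case $patch in ''|*[!0-9]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $ver; IFS=$old_ifs
    [ $# -eq 3 ] && [ -n "$1" ] && [ -n "$2" ] && [ -n "$3" ] || return 1
    echo "$1 $2 $3 $patch"
}

# sudo_in_reported_range VERSION: 0 = inside range, 1 = outside, 2 = unparsable.
sudo_in_reported_range() {
    key=$(sudo_ver_key "$1") || return 2
    set -- $key
    [ "$1" -eq 1 ] && [ "$2" -eq 9 ] || return 1
    [ "$3" -ge 14 ] && [ "$3" -le 17 ] || return 1
    # Assumption: patch levels of 1.9.17 from p1 onward carry the fix.
    if [ "$3" -eq 17 ] && [ "$4" -ge 1 ]; then return 1; fi
    return 0
}

# local_sudo_version: version token from the first line of `sudo -V`.
local_sudo_version() {
    sudo -V 2>/dev/null | sed -n '1s/^Sudo version //p'
}

# report VERSION: print a one-line verdict; never fails the calling script.
report() {
    [ -n "$1" ] || { echo "sudo version not found"; return 0; }
    rc=0; sudo_in_reported_range "$1" || rc=$?
    case $rc in
        0) echo "sudo $1: inside the reported range, check for a vendor fix" ;;
        1) echo "sudo $1: outside the reported range" ;;
        *) echo "sudo $1: version string not recognised, check manually" ;;
    esac
}

# With no argument, classify the locally installed sudo.
report "${1:-$(local_sudo_version)}"
```

Distribution packages often backport fixes without changing the upstream version string, so an "inside the range" result should be confirmed against the vendor's advisory or package changelog.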