Kid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 2 days agoCISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systemsthehackernews.comexternal-linkmessage-square13fedilinkarrow-up167arrow-down11
arrow-up166arrow-down1external-linkCISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systemsthehackernews.comKid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 2 days agomessage-square13fedilink
minus-squareperishthethought@piefed.sociallinkfedilinkEnglisharrow-up10arrow-down1·2 days agoOn Ubuntu 24.04 Sudo version 1.9.15p5 Eep!
minus-squarefmstrat@lemmy.nowsci.comlinkfedilinkEnglisharrow-up3·1 day agop5. The patch was backported.
minus-squareGJdan@programming.devlinkfedilinkEnglisharrow-up2·edit-21 day agoIt should be backported in supported ubuntu versions. sudo apt changelog sudo Tap for spoiler sudo (1.9.15p5-3ubuntu5.24.04.1) noble-security; urgency=medium SECURITY UPDATE: Local Privilege Escalation via host option debian/patches/CVE-2025-32462.patch: only allow specifying a host when listing privileges. CVE-2025-32462 SECURITY UPDATE: Local Privilege Escalation via chroot option debian/patches/CVE-2025-32463.patch: remove user-selected root directory chroot option. CVE-2025-32463 – Marc Deslauriers marc.deslauriers@ubuntu.com Wed, 25 Jun 2025 08:42:53 -0400
minus-squaresem@lemmy.blahaj.zonelinkfedilinkEnglisharrow-up4·2 days agoWait, shouldn’t Ubuntu 24.04 LTS get security bugfixes?
minus-squareSSUPII@sopuli.xyzlinkfedilinkEnglisharrow-up2·1 day agoIt does. In fact it is fixed. All decent LTS/stable distros will cherrypick security fixes into whatever version they stabilized themselves on.
On Ubuntu 24.04
Eep!
p5. The patch was backported.It should be backported in supported ubuntu versions.
Tap for spoiler
Wait, shouldn’t Ubuntu 24.04 LTS get security bugfixes?
It does. In fact it is fixed.
All decent LTS/stable distros will cherrypick security fixes into whatever version they stabilized themselves on.