CISA adds critical Sudo flaw CVE-2025-32463 and four other exploited vulnerabilities to KEV list.
  • GJdan@programming.devEnglish
    2·
    15 hours ago

    It should be backported in supported ubuntu versions.

    sudo apt changelog sudo

    Tap for spoiler

    sudo (1.9.15p5-3ubuntu5.24.04.1) noble-security; urgency=medium

    • SECURITY UPDATE: Local Privilege Escalation via host option
      • debian/patches/CVE-2025-32462.patch: only allow specifying a host when listing privileges.
      • CVE-2025-32462
    • SECURITY UPDATE: Local Privilege Escalation via chroot option
      • debian/patches/CVE-2025-32463.patch: remove user-selected root directory chroot option.
      • CVE-2025-32463

    – Marc Deslauriers marc.deslauriers@ubuntu.com Wed, 25 Jun 2025 08:42:53 -0400