this post was submitted on 07 Jul 2025

Cybersecurity


Critical #Sudo Vulnerabilities Let Local Users Gain Root Access on #Linux, Impacting Major Distros

https://thehackernews.com/2025/07/critical-sudo-vulnerabilities-let-local.html

#FOSS #cybersecurity

top 2 comments
[email protected] 2 points 6 days ago

@[email protected]
CVE-2025-32463 (CVSS score: 9.3) - Sudo before 1.9.17p1 allows local users to obtain root access because "/etc/nsswitch.conf" from a user-controlled directory is used with the --chroot option

This is a really lame CVE. Yikes.

[email protected] 2 points 6 days ago

The major one affects sudo versions 1.9.14 - 1.9.17

Note: The legacy versions of Sudo (currently <= 1.8.32) are not vulnerable because the chroot feature does not exist.

The minor one has been a 12-year bug.
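A version triage built only from the ranges quoted in the two comments above, as an added example that is not part of the original thread. The function names are hypothetical, and it assumes "the major one" refers to the `--chroot` issue quoted in the first comment.

```python
import re

# Boundaries exactly as stated in the comments above (not taken from any advisory).
FIRST_AFFECTED = (1, 9, 14, 0)  # "affects sudo versions 1.9.14 - 1.9.17"
FIRST_FIXED = (1, 9, 17, 1)     # "Sudo before 1.9.17p1"
LAST_LEGACY = (1, 8, 32)        # "<= 1.8.32 ... the chroot feature does not exist"

# Matches upstream-style versions such as 1.9.17, 1.9.17p1, 1.8.32.
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?")


def parse_sudo_version(text):
    """Return (major, minor, micro, patch) from '1.9.17p1' or a `sudo -V` banner."""
    match = _VERSION_RE.search(text)
    if match is None:
        raise ValueError(f"no sudo version found in {text!r}")
    # A missing pN suffix is treated as patch level 0.
    return tuple(int(group) if group else 0 for group in match.groups())


def classify(text):
    """Map a version string onto the ranges named in the thread."""
    version = parse_sudo_version(text)
    if version[:3] <= LAST_LEGACY:
        return "legacy-not-affected"
    if version >= FIRST_FIXED:
        return "fixed"
    if version >= FIRST_AFFECTED:
        return "affected"
    # 1.9.0 through 1.9.13: the thread gives no statement for these.
    return "not-covered"


if __name__ == "__main__":
    # Constructed sample inputs, including a `sudo -V` style banner line
    # and a distro-style package version string.
    samples = [
        "Sudo version 1.9.16p2",
        "1.9.17",
        "1.9.17p1",
        "1.8.32",
        "1.9.5p2",
        "1.9.15p5-3ubuntu5",
    ]
    for sample in samples:
        print(f"{sample:28} {classify(sample)}")
```

Distribution packages can carry backported fixes without changing the upstream version string, so an "affected" result is a prompt to check the distro's own advisory rather than a final verdict.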