VulnCheck KEV: CVE-2025-32463

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option...

Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability

Sudo contains an inclusion of functionality from untrusted control sphere vulnerability. This vulnerability could allow local attacker to leverage sudo’s -R --chroot option to run arbitrary commands as root, even if they are not listed in the sudoers file...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463-Sudo-Chroot-Escape --- Description This re...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

🚀 CVE-2025-32463 - Secure Your System from Privilege Escalatio...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

🛠️ CVE-2025-32463chwoot - Securely Handle Privileges in Linux...

chw00t

chw00t - Unices chroot breaking tool...

SUSE CVE-2024-22036

A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher...

Linux Distros Unpatched Vulnerability : CVE-2022-28657

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apport does not disable python crash handler before entering chroot CVE-2022-28657 - Apport does not disable python crash handler before entering chroot...

Advisory ROSA-SA-2025-2973

software: sudo 1.9.17p1 WASP: ROSA-CHROME unaffected versions = sudo-1.9.17p1-1 affected versions sudo-1.9.17p1-1 CVE-ID: CVE-2025-32462 BDU-ID: 2025-08356 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Sudo system administration program is related to a flaw in the authorization mechanism...

Metasploit Weekly Wrap-Up 09/05/2025

Persistence Improvements and Exploits This week, the Metasploit team and the community has made improvements to some persistence modules such as Bash, which improves how they function behind the scenes. They have also been tagged with MITRE ATT&CK techniques. A new exploit has also been added thi...

Sudo Chroot 1.9.17 Privilege Escalation

Sudo before version 1.19.17p1 allows user to use chroot option, when executing command. The option is intended to run a command with user-selected root directory if sudoers file allow it. Change in version 1.9.14 allows resolving paths via chroot using user-specified root directory when sudoers i...

📄 Sudo Chroot 1.9.17 Privilege Escalation

This Metasploit module exploits the chroot vulnerability in Sudo versions prior to 1.9.17p1. It allows the attacker to trick Sudo into loading an arbitrary shared object, thus resulting in a privilege escalation. This module requires Metasploit: https://metasploit.com/download Current source:...

Linux Distros Unpatched Vulnerability : CVE-2016-6299

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. CVE-2016-6299...

Linux Distros Unpatched Vulnerability : CVE-2008-2544

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files,...

Linux Distros Unpatched Vulnerability : CVE-2017-7418

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks...

Linux Distros Unpatched Vulnerability : CVE-2015-2925

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The prependpath function in fs/dcache.c in the Linux kernel before 4.2.4 does not properly handle rename actions inside a bind mount, which allows local users t...

K000152954: Sudo vulnerability CVE-2025-32463

Security Advisory Description Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option. CVE-2025-32463 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 Exploit Tool This repository contains a Go-bas...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 - Sudo Chroot Privilege Escalation Exploit...

sudo: LPE via chroot option

A flaw was found in Sudo. This flaw allows a local attacker to escalate their privileges by tricking Sudo into loading an arbitrary shared library using the user-specified root directory via the -R --chroot option. An attacker can run arbitrary commands as root on systems that support...