Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 — Sudo 1.9.14 → 1.9.17 Local Privilege Escalati...

RockyLinux 10 : sudo (RLSA-2025:11537)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:11537 advisory. sudo: LPE via host option CVE-2025-32462 sudo: LPE via chroot option CVE-2025-32463 Tenable has extracted the preceding description block directly from...

EUVD-2024-3054

Malicious code in bioql PyPI...

EUVD-2025-10066

Malicious code in bioql PyPI...

EUVD-2022-47654

Malicious code in bioql PyPI...

EUVD-2022-35028

Malicious code in bioql PyPI...

EUVD-2023-31097

Malicious code in bioql PyPI...

RLSA-2025:11537 Important: sudo security update

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fixes: sudo: LPE via host option CVE-2025-32462 sudo...

sudo security update

An update is available for sudo. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sudo packages contain the sudo utility which allows system administrators t...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

Vulnerability Overview CVE-2025-32463 affects Sudo versions 1.9...

VulnCheck KEV: CVE-2025-32463

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option...

Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability

Sudo contains an inclusion of functionality from untrusted control sphere vulnerability. This vulnerability could allow local attacker to leverage sudo’s -R --chroot option to run arbitrary commands as root, even if they are not listed in the sudoers file...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463-Sudo-Chroot-Escape --- Description This re...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

🚀 CVE-2025-32463 - Secure Your System from Privilege Escalatio...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

🛠️ CVE-2025-32463chwoot - Securely Handle Privileges in Linux...

chw00t

chw00t - Unices chroot breaking tool...

SUSE CVE-2024-22036

A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher...

Linux Distros Unpatched Vulnerability : CVE-2022-28657

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apport does not disable python crash handler before entering chroot CVE-2022-28657 - Apport does not disable python crash handler before entering chroot...

Advisory ROSA-SA-2025-2973

software: sudo 1.9.17p1 WASP: ROSA-CHROME unaffected versions = sudo-1.9.17p1-1 affected versions sudo-1.9.17p1-1 CVE-ID: CVE-2025-32462 BDU-ID: 2025-08356 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Sudo system administration program is related to a flaw in the authorization mechanism...

Metasploit Weekly Wrap-Up 09/05/2025

Persistence Improvements and Exploits This week, the Metasploit team and the community has made improvements to some persistence modules such as Bash, which improves how they function behind the scenes. They have also been tagged with MITRE ATT&CK techniques. A new exploit has also been added thi...