CVE-2025-64517

sudo-rs (Rust implementation of sudo) is affected by CVE-2025-64517. Versions prior to 0.2.10 incorrectly recorded the invoking user’s UID in the authentication timestamp when Defaults targetpw/rootpw are enabled, which could allow a highly-privileged user to run commands as other accounts using ...

USN-7867-1 rust-sudo-rs vulnerabilities

It was discovered that sudo-rs incorrectly handled passwords when timeouts occurred and the pwfeedback default was not set. This could result in a partially typed password being output to standard input, contrary to expectations. It was discovered that sudo-rs incorrectly handled the targetpw and...

DEBIAN-CVE-2025-46718

sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with limited sudo privileges e.g. execution of a single command can list sudo privileges of other users using the -U flag. This vulnerability allows users with limited sudo privileges to enumerat...

DEBIAN-CVE-2025-46717

sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with no or very limited sudo privileges can determine whether files exists in folders that they otherwise cannot access using sudo --list . Users with local access to a machine can discover the...