Sudo 安全漏洞

Sudo is a program developed by the Sudo Project, open source, designed for use in Unix-like systems. It allows users to execute commands with special permissions in a secure manner. Versions of Sudo 1.9.17p2 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the...

NewStart CGSL MAIN 7.02 : sudo Multiple Vulnerabilities (NS-SA-2025-0246)

The remote NewStart CGSL host, running version MAIN 7.02, has sudo packages installed that are affected by multiple vulnerabilities: - Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user- controlled directory is used with the --chroot option...

EUVD-2018-2921

Malware in sbrugna...

EUVD-2014-9490

Malware in sbrugna...

[Important] [Security] Fixes for vulnerabilities in sudo, rsync, and microcode_ctl (CVE-2025-32462, CVE-2024-12085, and CVE-2024-45332) for Virtuozzo Hybrid Server 7.5

This update fixes the vulnerabilities in sudo, rsync, and microcodectl registered as CVE-2025-32462, CVE-2024-12085, and CVE-2024-45332. Additionally, this update includes a fix for NetKVM drivers that caused some Windows virtual machines to crash. Vulnerability id: CVE-2025-32462 A privilege...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 Vulnerability Experiment Environment !Docker...

Oracle Linux 10 : sudo (ELSA-2025-11537)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-11537 advisory. - CVE-2025-32462 sudo: LPE via host option Resolves: RHEL-100009 Tenable has extracted the preceding description block directly from the Oracle Linux...

Exploit for Incorrect Authorization in Sudo_Project Sudo

CVE-2025-32462-32463-Detection-Script- Critical Sudo Vulnerabi...

Amazon Linux 2023 : sudo, sudo-devel, sudo-logsrvd (ALAS2023-2025-1070)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1070 advisory. Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines. CVE-2025-324...

RHSA-2025:10520 Red Hat Security Advisory: sudo security update

Bulletin has no description...

Exploit for Incorrect Authorization in Sudo_Project Sudo

CVE-2025-32462 & CVE-2025-32463 – PoC Lab This is a container...

Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros

Cybersecurity researchers have disclosed two security flaws in the Sudo command-line utility for Linux and Unix-like operating systems that could enable local attackers to escalate their privileges to root on susceptible machines. A brief description of the vulnerabilities is below - CVE-2025-324...

CVE-2025-32462 vulnerabilities

Vulnerabilities for packages: sudo...

Ubuntu 22.04 LTS / 24.04 LTS / 24.10 / 25.04 : Sudo vulnerabilities (USN-7604-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 24.10 / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7604-1 advisory. Rich Mirch discovered that Sudo incorrectly handled the host option. In environments where per-host rules are configured in t...

sudo: Privilege escalation

Background sudo allows a system administrator to give users the ability to run commands as other users. Description Multiple vulnerabilities have been discovered in sudo. Please review the CVE identifiers referenced below for details. Impact An attacker can escalate privileges to root by providin...

USN-7604-1: Sudo vulnerabilities

Rich Mirch discovered that Sudo incorrectly handled the host option. In environments where per-host rules are configured in the sudoers file, a local attacker could use this issue to bypass the host restrictions. CVE-2025-32462 Rich Mirch discovered that Sudo incorrectly handled the chroot option...

Slackware Linux 15.0 / current sudo Multiple Vulnerabilities (SSA:2025-181-01)

The version of sudo installed on the remote host is prior to 1.9.17p1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2025-181-01 advisory. New sudo packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the preceding...

PT-2025-20704 · Sudo-Rs · Sudo-Rs

Name of the Vulnerable Software and Affected Versions: sudo-rs versions prior to 0.2.6 Description: The issue allows users with limited sudo privileges to enumerate the sudoers file, revealing sensitive information about other users' permissions. This can be achieved using the -U flag. Attackers...

Advisory ROSA-SA-2025-2719

Software: sudo 1.9.5p2 OS: ROSA Virtualization 3.0 packageevrstring: sudo-1.9.5p2-1 CVE-ID: CVE-2021-3156 BDU-ID: 2021-00364 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the parseargs function of the Sudo system administration program is related to a buffer overflow in dynamic memory. Exploitatio...

RHSA-2017:1574 Red Hat Security Advisory: sudo security update

Bulletin has no description...