The vulnerability of the sudo system administration program, related to the activation of functions from an untrusted controlled area when using the "-R" ("--chroot") option, allows a perpetrator to execute arbitrary code and increase their privileges.

The vulnerability of the sudo system administration program relates to the inclusion of functions from an unverified controlled area when the "-R" "--chroot" option is used. Exploiting this vulnerability allows a malicious actor to execute arbitrary code and increase their privileges by placing t...

CBL Mariner 2.0 Security Update: sudo (CVE-2025-32462)

The version of sudo installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32462 advisory. - Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor...

[SECURITY] Fedora 41 Update: sudo-1.9.17-2.p1.fc41

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

CVE-2025-32463 affecting package sudo for versions less than 1.9.17-1

CVE-2025-32463 affecting package sudo for versions less than 1.9.17-1. A patched version of the package is available...

CVE-2025-32462 affecting package sudo for versions less than 1.9.17-1

CVE-2025-32462 affecting package sudo for versions less than 1.9.17-1. A patched version of the package is available...

CVE-2025-32462 affecting package sudo for versions less than 1.9.17-1

CVE-2025-32462 affecting package sudo for versions less than 1.9.17-1. A patched version of the package is available...

CVE-2025-32463 affecting package sudo for versions less than 1.9.17-1

CVE-2025-32463 affecting package sudo for versions less than 1.9.17-1. A patched version of the package is available...

Security update for sudo

This update for sudo fixes the following issues: CVE-2025-32462: Fix a possible local privilege escalation via the --host option bsc1245274 CVE-2025-32463: Fix a possible local privilege Escalation via chroot option bsc1245275 Patch Instructions: To install this SUSE update use the SUSE recommend...

SUSE-SU-2025:20489-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2025-32462: Fix a possible local privilege escalation via the --host option bsc1245274 - CVE-2025-32463: Fix a possible local privilege Escalation via chroot option bsc1245275...

RHSA-2025:10707 Red Hat Security Advisory: sudo security update

Bulletin has no description...

Important: Red Hat Security Advisory: sudo security update

An update for sudo is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

sudo: LPE via host option

A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option -h or --host. When using the default sudo security policy plugin sudoers, the host option is intended to be used in conjunction with t...

Exploit for CVE-2024-31969

📌 CVE-2024-31969 CVE-2024-31969 adalah kerentanan local...

Important: sudo

Issue Overview: Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines. CVE-2025-32462 Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.co...

Amazon Linux 2 : sudo (ALAS-2025-2924)

The version of sudo installed on the remote host is prior to 1.8.23-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2924 advisory. Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed...

Important: sudo

Issue Overview: Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines. CVE-2025-32462 Affected Packages: sudo Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Amazon Linux 2023 : sudo, sudo-devel, sudo-logsrvd (ALAS2023-2025-1070)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-1070 advisory. Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines. CVE-2025-324...

RHEL 9 : sudo (RHSA-2025:10779)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10779 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...

Fedora 41 : sudo (2025-29c6186ffb)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-29c6186ffb advisory. Rebase to sudo 1.9.17p1 - sudo-1916p2 is available. Resolves: rhbz2309626 - sudo: LPE via host option. Resolves: CVE-2025-32462 - Properly apply system...

sudo: LPE via host option

A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option -h or --host. When using the default sudo security policy plugin sudoers, the host option is intended to be used in conjunction with t...