Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

📌 CVE-2025-32463 — Sudo --chroot Local Privilege Escalation...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

Vulnerable: sudo 1.9.14 to 1.9.17 Patched...

AZL-64464 CVE-2025-32463 affecting package sudo for versions less than 1.9.17-1

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option...

PT-2022-19418 · Hashicorp +3 · Hashicorp Consul +4

Name of the Vulnerable Software and Affected Versions: HashiCorp Consul and Consul Enterprise versions 1.9.16 and earlier, 1.10.9 and earlier, 1.11.4 and earlier Description: A server-side request forgery issue may occur when the Consul client agent follows redirects returned by HTTP health check...