I tried using the systemd alternatie, run0 or whatever… it’s really weird
The vulnerability in question is CVE-2025-32463 (CVSS score: 9.3), which affects Sudo versions prior to 1.9.17p1
Check your version:
sudo --versionAs mentioned above, sudo version 1.9.17p1 patches this. This version was already released in June of this year, so many distributions should have it.
Thanks for posting the version.
Looks like Arch updated to this version on 1st July.
My DMZ node had it installed a week later, so I’m all smug today
On Ubuntu 24.04
Sudo version 1.9.15p5
Eep!
p5. The patch was backported.It should be backported in supported ubuntu versions.
sudo apt changelog sudo
Tap for spoiler
sudo (1.9.15p5-3ubuntu5.24.04.1) noble-security; urgency=medium
- SECURITY UPDATE: Local Privilege Escalation via host option
- debian/patches/CVE-2025-32462.patch: only allow specifying a host when listing privileges.
- CVE-2025-32462
- SECURITY UPDATE: Local Privilege Escalation via chroot option
- debian/patches/CVE-2025-32463.patch: remove user-selected root directory chroot option.
- CVE-2025-32463
– Marc Deslauriers [email protected] Wed, 25 Jun 2025 08:42:53 -0400
- SECURITY UPDATE: Local Privilege Escalation via host option
Wait, shouldn’t Ubuntu 24.04 LTS get security bugfixes?
It does. In fact it is fixed.
All decent LTS/stable distros will cherrypick security fixes into whatever version they stabilized themselves on.
Its funny because whenever I hear about something like this with foss it tends to be this way but when its proprietary I hear on how they were informed a while back, never patched it, and the founder of the bug is now disclosing based on the timetable they gave the. Feels that way anyway.
This vulnerability could allow a local attacker to leverage sudo’s -R (–chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.
Laughs in opendoas
Ah yes. Security through obscurity.
nice meme
