this post was submitted on 01 Oct 2025

70 points (98.6% liked)

Cybersecurity

8410 readers

172 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

CISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systems (thehackernews.com)

submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

13 comments fedilink hide all child comments

top 13 comments

sorted by: hot top controversial new old

[–] original_reader@lemmy.zip 24 points 2 days ago (3 children)

The vulnerability in question is CVE-2025-32463 (CVSS score: 9.3), which affects Sudo versions prior to 1.9.17p1

Check your version: sudo --version

As mentioned above, sudo version 1.9.17p1 patches this. This version was already released in June of this year, so many distributions should have it.

[–] perishthethought@piefed.social 9 points 2 days ago (3 children)

On Ubuntu 24.04

Sudo version 1.9.15p5

Eep!

[–] fmstrat@lemmy.nowsci.com 3 points 2 days ago

p5. The patch was backported.

[–] GJdan@programming.dev 3 points 2 days ago* (last edited 2 days ago)

It should be backported in supported ubuntu versions.

sudo apt changelog sudo

Tap for spoiler

sudo (1.9.15p5-3ubuntu5.24.04.1) noble-security; urgency=medium

SECURITY UPDATE: Local Privilege Escalation via host option

debian/patches/CVE-2025-32462.patch: only allow specifying a host when listing privileges.

CVE-2025-32462

SECURITY UPDATE: Local Privilege Escalation via chroot option

debian/patches/CVE-2025-32463.patch: remove user-selected root directory chroot option.

CVE-2025-32463

-- Marc Deslauriers marc.deslauriers@ubuntu.com Wed, 25 Jun 2025 08:42:53 -0400

[–] sem@lemmy.blahaj.zone 4 points 2 days ago (1 children)

Wait, shouldn't Ubuntu 24.04 LTS get security bugfixes?

[–] SSUPII@sopuli.xyz 2 points 2 days ago

It does. In fact it is fixed.

All decent LTS/stable distros will cherrypick security fixes into whatever version they stabilized themselves on.

[–] Cyber@feddit.uk 2 points 2 days ago

Thanks for posting the version.

Looks like Arch updated to this version on 1st July.

My DMZ node had it installed a week later, so I'm all smug today

[–] HubertManne@piefed.social 3 points 2 days ago

Its funny because whenever I hear about something like this with foss it tends to be this way but when its proprietary I hear on how they were informed a while back, never patched it, and the founder of the bug is now disclosing based on the timetable they gave the. Feels that way anyway.

[–] CubitOom@infosec.pub 25 points 2 days ago

This vulnerability could allow a local attacker to leverage sudo's -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.

[–] z3rOR0ne@lemmy.ml 6 points 2 days ago (2 children)

Laughs in opendoas

[–] caseyweederman@lemmy.ca 4 points 2 days ago

Ah yes. Security through obscurity.

[–] eleijeep@piefed.social 4 points 2 days ago

nice meme

[–] 9488fcea02a9@sh.itjust.works 1 points 2 days ago

I tried using the systemd alternatie, run0 or whatever.... it's really weird