this post was submitted on 01 Oct 2025
66 points (98.5% liked)
top 13 comments
[–] 9488fcea02a9@sh.itjust.works 1 points 19 hours ago

I tried using the systemd alternative, run0 or whatever... it's really weird

[–] original_reader@lemmy.zip 23 points 1 day ago (3 children)

The vulnerability in question is CVE-2025-32463 (CVSS score: 9.3), which affects Sudo versions prior to 1.9.17p1

Check your version: sudo --version

As mentioned above, sudo version 1.9.17p1 patches this. This version was already released in June of this year, so many distributions should have it.

[–] Cyber@feddit.uk 2 points 1 day ago

Thanks for posting the version.

Looks like Arch updated to this version on 1st July.

My DMZ node had it installed a week later, so I'm all smug today

[–] perishthethought@piefed.social 9 points 1 day ago (3 children)

On Ubuntu 24.04

Sudo version 1.9.15p5

Eep!

[–] fmstrat@lemmy.nowsci.com 3 points 21 hours ago

p5. The patch was backported.

[–] GJdan@programming.dev 2 points 22 hours ago* (last edited 22 hours ago)

It should be backported in supported Ubuntu versions.

sudo apt changelog sudo

sudo (1.9.15p5-3ubuntu5.24.04.1) noble-security; urgency=medium

  * SECURITY UPDATE: Local Privilege Escalation via host option
    - debian/patches/CVE-2025-32462.patch: only allow specifying a host when listing privileges.
    - CVE-2025-32462
  * SECURITY UPDATE: Local Privilege Escalation via chroot option
    - debian/patches/CVE-2025-32463.patch: remove user-selected root directory chroot option.
    - CVE-2025-32463

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 25 Jun 2025 08:42:53 -0400
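The version check from original_reader's comment and the backport check from the Ubuntu exchange above, combined into one script. This is an added example, not code from the thread; it assumes that a Debian/Ubuntu package changelog mentioning CVE-2025-32463 means the fix was backported, since a bare version string of 1.9.15p5 proves nothing on its own.

```shell
#!/bin/sh
# Added example (not from this thread): classify a host's sudo against CVE-2025-32463
# using both signals the commenters rely on: the upstream version (fixed in 1.9.17p1)
# and, on Debian/Ubuntu, the backport recorded in `apt changelog sudo`.

# Print the bare version ("1.9.15p5") from the first line of `sudo --version`.
sudo_version_from_output() {
  printf '%s\n' "$1" | sed -n '1s/^Sudo version \([0-9][0-9.]*p\{0,1\}[0-9]*\).*/\1/p'
}

# Exit 0 if version $1 >= version $2. Components split on "." and "p", so
# "1.9.17" compares as 1.9.17p0 and therefore sorts below "1.9.17p1".
sudo_at_least() {
  awk -v have="$1" -v need="$2" 'BEGIN {
    nh = split(have, h, /[.p]/); nn = split(need, n, /[.p]/)
    for (i = 1; i <= 4; i++) {
      x = (i <= nh) ? h[i] + 0 : 0; y = (i <= nn) ? n[i] + 0 : 0
      if (x != y) exit (x < y)
    }
    exit 0
  }'
}

# Exit 0 if changelog text $1 (output of `apt changelog sudo`) mentions CVE $2.
changelog_mentions() { printf '%s\n' "$1" | grep -q -- "$2"; }

# Print fixed-upstream, fixed-backport or not-fixed-or-unknown (exit 1 for the last).
# $1: `sudo --version` output; $2: distro changelog text (empty on non-apt systems).
sudo_cve_2025_32463_status() {
  ver=$(sudo_version_from_output "$1")
  if [ -n "$ver" ] && sudo_at_least "$ver" 1.9.17p1; then echo fixed-upstream; return 0; fi
  if changelog_mentions "$2" CVE-2025-32463; then echo fixed-backport; return 0; fi
  echo not-fixed-or-unknown; return 1
}

# Constructed sample input mirroring the Ubuntu 24.04 case above: sudo still
# reports 1.9.15p5, but the package changelog records the backported patch.
SAMPLE_VERSION='Sudo version 1.9.15p5
Sudoers policy plugin version 1.9.15p5'
SAMPLE_CHANGELOG='sudo (1.9.15p5-3ubuntu5.24.04.1) noble-security; urgency=medium
  * SECURITY UPDATE: Local Privilege Escalation via chroot option
    - debian/patches/CVE-2025-32463.patch: remove user-selected root directory chroot option.
    - CVE-2025-32463'

# With --live, query the real host instead (runs only `sudo --version` and `apt changelog sudo`).
if [ "${1:-}" = "--live" ]; then
  sudo_cve_2025_32463_status "$(sudo --version 2>/dev/null)" "$(apt changelog sudo 2>/dev/null)"
else
  sudo_cve_2025_32463_status "$SAMPLE_VERSION" "$SAMPLE_CHANGELOG"
fi
```

On distributions that are not apt-based, pass an empty changelog and rely on the version comparison alone, or feed in the equivalent package changelog text.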

[–] sem@lemmy.blahaj.zone 4 points 1 day ago (1 children)

Wait, shouldn't Ubuntu 24.04 LTS get security bugfixes?

[–] SSUPII@sopuli.xyz 1 points 19 hours ago

It does. In fact it is fixed.

All decent LTS/stable distros will cherry-pick security fixes into whatever version they stabilized themselves on.

[–] HubertManne@piefed.social 3 points 1 day ago

It's funny because whenever I hear about something like this with FOSS it tends to be this way, but when it's proprietary I hear about how they were informed a while back, never patched it, and the finder of the bug is now disclosing based on the timetable they gave them. Feels that way anyway.

[–] CubitOom@infosec.pub 25 points 1 day ago

This vulnerability could allow a local attacker to leverage sudo's -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.

[–] z3rOR0ne@lemmy.ml 6 points 1 day ago (2 children)
[–] caseyweederman@lemmy.ca 4 points 1 day ago

Ah yes. Security through obscurity.

[–] eleijeep@piefed.social 4 points 1 day ago