Skip to content

Sudo 1.9.17p1

Choose a tag to compare

View all tags
@millert millert released this 30 Jun 14:04
· 285 commits to main since this release
v1.9.17p1
a377770

  • Fixed CVE-2025-32462. Sudo's -h (--host) option could be specified when running a command or editing a file. This could enable a local privilege escalation attack if the sudoers file allows the user to run commands on a different host. For more information, see Local Privilege Escalation via host option.

  • Fixed CVE-2025-32463. An attacker can leverage sudo's -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file. The chroot support has been deprecated an will be removed entirely in a future release. For more information, see Local Privilege Escalation via chroot option.

Assets 120
Loading