Local Privilege Escalation via chroot option

Update, and if possible don’t use sudo.


What common distros ship with this version of sudo?

Sudo versions affected:

Sudo versions 1.9.14 to 1.9.17 inclusive are affected.


well I guess it’s roundabout time, logging into root and updating

A critical Linux vulnerability (CVE-2025-32463) in Sudo lets any local unprivileged user gain root via the --chroot (-R) option

🔒 Affects default configs on Ubuntu, Fedora & others — no Sudo rules needed
🛠️ Fix: Update to Sudo 1.9.17p1+ (no workarounds)
👀 CVSS: 9.8 (Critical)
[1]

  1. knoppix: "A critical Linux vulnerability (CVE-2025-32463) i…" - Mastodon
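Added example, not part of any post in this thread: a shell check that classifies a sudo version string against the range quoted above (affected 1.9.14 to 1.9.17 inclusive, fixed in 1.9.17p1 and later). The function names, the `--live` switch and the sample version strings are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example: classify a sudo version against the range quoted in this
# thread (affected: 1.9.14 through 1.9.17; fixed: 1.9.17p1 and later).
# Function names and the --live switch are hypothetical.

# Print "affected", "outside-range" or "unknown" for a string like 1.9.16p2.
sudo_range_status() {
    printf '%s\n' "$1" | awk '
        # Accept MAJOR.MINOR.PATCH with an optional pN patch level.
        !/^[0-9]+\.[0-9]+\.[0-9]+(p[0-9]+)?$/ { print "unknown"; exit }
        {
            # Fold the fields into one number so the range compares numerically.
            split($0, f, /[.p]/)
            n = f[1] * 1e9 + f[2] * 1e6 + f[3] * 1e3 + f[4]
            # 1.9.14 -> 1009014000, 1.9.17 -> 1009017000, 1.9.17p1 -> 1009017001
            if (n >= 1009014000 && n <= 1009017000) print "affected"
            else print "outside-range"
        }'
}

# Print the upstream version of the installed sudo, or nothing if absent.
installed_sudo_version() {
    command -v sudo >/dev/null 2>&1 || return 0
    # "sudo -V" prints "Sudo version X" on its first line.
    sudo -V 2>/dev/null | sed -n '1s/^Sudo version //p'
}

# Constructed sample version strings, not taken from any real host.
for v in 1.8.31 1.9.13p3 1.9.14 1.9.16p2 1.9.17 1.9.17p1 garbage; do
    printf '%-10s %s\n' "$v" "$(sudo_range_status "$v")"
done

# Check this host only when invoked with --live.
if [ "${1:-}" = "--live" ]; then
    v=$(installed_sudo_version)
    printf 'installed %s: %s\n' "${v:-none}" "$(sudo_range_status "$v")"
fi
```

Distribution packages often backport security fixes without changing the upstream version string, so an "affected" result should be confirmed against the distribution's own advisory for the installed package.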

related: fedora is currently in the middle of a datacenter move and so package updates are currently in freeze: https://www.fedorastatus.org/
it should hopefully complete soon and updates resume


Wouldn’t someone using Run0 prevent an attacker from gaining root access in this case?

Also, I believe that if you have AIDE and chkrootkit it could detect the aftermath and if not too late take some action.

Re-warming the discussion in light of a new find:

Is it time to pay closer attention to the security model around sudo?

I was planning on switching to run0 just because, but the added friction of having to type it in every time, and the prompt popping up outside the terminal just felt too foreign for me. Will revisit it when they fix both of those UI/UX issues.

This may be a bit off topic, so moderators feel free to (re)move this post if needed.

I don’t have a fix for the popup prompt. However you can reduce some friction by aliasing sudo to run0 in your “~/.bashrc” like so:

alias sudo="run0"

then reload your .bashrc

source ~/.bashrc

Now anytime you type sudo you are really running “run0”.