Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Mageia 9: Sudo Important Vulnerability Update ID MGASA-2025-0213

mageia
Calendar Grey July 25, 2025
Dist Mageia Esm H88
The recent kernel patch for Ubuntu addresses significant vulnerabilities related to privilege escalation and code execution, enhancing the overall security posture of the operating system.
CVE-2025-32462 - Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unin...

Summary

CVE-2025-32462 - Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines CVE-2025-32463 - Sudo before 1.9.17p1 allows local users to obtain root access because "/etc/nsswitch.conf" from a user-controlled directory is used with the --chroot option.

References

- https://bugs.mageia.org/show_bug.cgi?id=34409

- https://www.openwall.com/lists/oss-security/2025/06/30/2

- https://www.openwall.com/lists/oss-security/2025/06/30/3

-

- https://www.cve.org/CVERecord?id=CVE-2025-32462

- https://www.cve.org/CVERecord?id=CVE-2025-32463

Topics%20covered

Topics Covered

security advisory important sudo root access execution Mageia

Resolution

SRPMS

- 9/core/sudo-1.9.15p5-1.1.mga9

Severity
important
Lowest
Low
Medium
High
Critical

Publication date: 25 Jul 2025
URL: https://advisories.mageia.org/MGASA-2025-0213.html
Type: security
CVE: CVE-2025-32462, CVE-2025-32463

Topics%20covered

Topics Covered

security advisory important sudo root access execution Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here