Alerts This Week
Warning Icon 1 1,161
Alerts This Week
Warning Icon 1 1,161

Slackware: 2025-181-01 important: sudo local privilege escalation

slackware
Calendar Grey June 30, 2025
Dist Slackware Esm H88
Slackware has released updates to mitigate severe vulnerabilities in sudo that may permit unauthorized privilege escalation attacks.
New sudo packages are available for Slackware 15.0 and -current to fix security issues

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/sudo-1.9.17p1-i586-1_slack15.0.txz: Upgraded. This update fixes security issues: Sudo's -h (--host) option could be specified when running a command or editing a file. This could enable a local privilege escalation attack if the sudoers file allows the user to run commands on a different host. An attacker can leverage sudo's -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file. The chroot support has been deprecated an will be removed entirely in a future release. For more information, see: https://www.cve.org/CVERecord?id=CVE-2025-32462 https://www.cve.org/CVERecord?id=CVE-2025-32463 (* Security fix *)

Topics%20covered

Topics Covered

security advisory security issue local privilege escalation important slackware sudo

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/sudo-1.9.17p1-i586-1_slack15.0.txz
Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/sudo-1.9.17p1-x86_64-1_slack15.0.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/sudo-1.9.17p1-i686-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/ap/sudo-1.9.17p1-x86_64-1.txz

MD5 Signatures

Slackware 15.0 package: 76fec7d6ec03dc4d36c3f43958a66b13 sudo-1.9.17p1-i586-1_slack15.0.txz
Slackware x86_64 15.0 package: ebd295a2dd2c7f038b1bbabd6eedc846 sudo-1.9.17p1-x86_64-1_slack15.0.txz
Slackware -current package: 9d8797566f3877aeb73ff357c70c3c54 ap/sudo-1.9.17p1-i686-1.txz
Slackware x86_64 -current package: afd4d81a675009c0bfae8948f2c6d938 ap/sudo-1.9.17p1-x86_64-1.txz

Severity
important
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory security issue local privilege escalation important slackware sudo

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg sudo-1.9.17p1-i586-1_slack15.0.txz

Your message here