Kid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 8 days agoCISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systemsthehackernews.comexternal-linkmessage-square13linkfedilinkarrow-up171arrow-down11
arrow-up170arrow-down1external-linkCISA Sounds Alarm on Critical Sudo Flaw Actively Exploited in Linux and Unix Systemsthehackernews.comKid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 8 days agomessage-square13linkfedilink
minus-squareperishthethought@piefed.sociallinkfedilinkEnglisharrow-up10arrow-down1·8 days agoOn Ubuntu 24.04 Sudo version 1.9.15p5 Eep!
minus-squaresem@lemmy.blahaj.zonelinkfedilinkEnglisharrow-up4·8 days agoWait, shouldn’t Ubuntu 24.04 LTS get security bugfixes?
minus-squareSSUPII@sopuli.xyzlinkfedilinkEnglisharrow-up3·7 days agoIt does. In fact it is fixed. All decent LTS/stable distros will cherrypick security fixes into whatever version they stabilized themselves on.
minus-squarefmstrat@lemmy.nowsci.comlinkfedilinkEnglisharrow-up3·7 days agop5. The patch was backported.
minus-squareGJdan@programming.devlinkfedilinkEnglisharrow-up3·edit-27 days agoIt should be backported in supported ubuntu versions. sudo apt changelog sudo Tap for spoiler sudo (1.9.15p5-3ubuntu5.24.04.1) noble-security; urgency=medium SECURITY UPDATE: Local Privilege Escalation via host option debian/patches/CVE-2025-32462.patch: only allow specifying a host when listing privileges. CVE-2025-32462 SECURITY UPDATE: Local Privilege Escalation via chroot option debian/patches/CVE-2025-32463.patch: remove user-selected root directory chroot option. CVE-2025-32463 – Marc Deslauriers marc.deslauriers@ubuntu.com Wed, 25 Jun 2025 08:42:53 -0400
On Ubuntu 24.04
Eep!
Wait, shouldn’t Ubuntu 24.04 LTS get security bugfixes?
It does. In fact it is fixed.
All decent LTS/stable distros will cherrypick security fixes into whatever version they stabilized themselves on.
p5. The patch was backported.It should be backported in supported ubuntu versions.
Tap for spoiler