Start your free trial today.
Protect your organization with cutting-edge cybersecurity solutions designed for resilience and efficiency. Secure your digital assets with confidence.
Your Shield Against Threats
Unleash the Power of Cybersecurity
Boost Your Security, Enhance Your Business
We solve Your Cyber Challenges
Quick Links
Resources
Deepaegis Portals
2025 Deepaegis. All Rights Reserved.
A local privilege escalation vulnerability exists in Sudo before version 1.9.17p1. When using the --chroot option, a local user can gain root access because the system uses /etc/nsswitch.conf from a directory that can be controlled by the user.
Successful exploitation allows a local attacker to elevate privileges and potentially execute arbitrary commands as root. This could lead to full system compromise on affected systems.
Sudo
Affected Version: 1.9
Remediation: Upgrade to Sudo version 1.9.17p1 or later, where the issue has been patched. Avoid using --chroot in untrusted directories.
Upgrade to version 1.9.17p1 of Sudo.
Avoid using --chroot with user-controlled directories.
Restrict local user access to sensitive directories. Use AppArmor/SELinux profiles for containment.
Monitor for changes or references to /etc/nsswitch.conf in chroot environments.
Not specified
Not specified
No references provided
No affected organizations specified
This document contains sensitive information. Unauthorized distribution is prohibited.