Volerion logoVolerion
Volerion logoVolerion

Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Sudo Privilege Escalation Vulnerability via Chroot Option

Vulnerability

A local privilege escalation vulnerability has been identified in the Sudo utility, specifically in versions 1.9.14 prior to 1.9.17p1. This vulnerability allows unprivileged users to gain root access by exploiting the chroot option. When Sudo is configured to use a user-controlled root directory, an attacker can manipulate the environment to load malicious shared libraries, ultimately executing arbitrary commands as root.

Impact

Exploitation of this vulnerability allows local users to escalate privileges to root, gaining full control over the system.

Reproduction

To reproduce this vulnerability, a local user must have Sudo installed and be in a Sudoers configuration that allows the chroot option. The user can then create a custom nsswitch.conf file in a writable directory, specifying a malicious library that, when loaded by Sudo, executes a payload with root privileges.

Remediation

Users are advised to update Sudo to version 1.9.17p1 or later, where this vulnerability has been fixed.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 29, 2025, 5:13 PM

Vulnerability Rating

Custom Algorithm
spread
7.8
impact
2.5
exploitability
4.6
remediation
7.7
relevance
0.2
threat
9.2
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.