Sudo-Rs Affected by Multiple Security Vulnerabilities – Impacting Ubuntu 25.10
11 days ago
- #Rust
- #Ubuntu
- #Security
- Ubuntu 25.10's transition to Rust system utilities faces multiple issues, including security vulnerabilities in sudo-rs.
- Two moderate security vulnerabilities in sudo-rs affect Ubuntu 25.10, with fixes now being rolled out via stable release updates (SRU).
- Patches include preventing sudo password leaks during timeouts or process termination, using enums for feedback parameters, and ensuring feedback is erased securely.
- sudo-rs version 0.2.10 has been released with these fixes, and updates are being distributed to Ubuntu 25.10 users.
- One of the vulnerabilities, CVE-2025-64170, highlights the risk of sudo password leaks, though full CVE details are not yet public.