Sudo Project: >> Sudo >> 1.9.13 Security Vulnerabilities
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
CVSS Score
2.8
EPSS Score
0.225
Published
2025-06-30
Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.
CVSS Score
7.0
EPSS Score
0.0
Published
2023-12-22
Sudo before 1.9.13p2 has a double free in the per-command chroot feature.
CVSS Score
7.2
EPSS Score
0.002
Published
2023-02-28