CLSA-2025-1753799090

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2025-1753799090.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1753799090
Upstream
Published
2025-07-29T14:24:55Z
Modified
2026-06-04T09:47:30.611576274Z
Summary
Fix CVE(s): CVE-2025-32462
Details
  • SECURITY UPDATE: restrict users from executing commands on unintended machines
    • debian/patches/CVE-2025-32462.patch: restricts --host usage to sudo -l only, preventing bypass of host-based sudoers rules and avoiding unintended local privilege escalation
    • CVE-2025-32462
References

Affected packages

TuxCare:Ubuntu:20.04 / sudo

Package

Name
sudo
Purl
pkg:deb/tuxcare/sudo?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.31-1ubuntu1.5+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2025-1753799090.json"

TuxCare:Ubuntu:20.04 / sudo-ldap

Package

Name
sudo-ldap
Purl
pkg:deb/tuxcare/sudo-ldap?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.8.31-1ubuntu1.5+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2025-1753799090.json"