Vulnerability-Lookup

BDU:2025-08356

Vulnerability from fstec - Published: 30.06.2025

Title

Уязвимость программы системного администрирования Sudo, связанная с недостатками механизма авторизации, позволяющая нарушителю повысить свои привилегии

Description

Уязвимость программы системного администрирования Sudo связана с недостатками механизма авторизации. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии

Severity ?


                    
                      AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N

Vendor

Canonical Ltd., Сообщество свободного программного обеспечения, ООО «Ред Софт», ООО «РусБИТех-Астра», Red Hat Inc., АО «НТЦ ИТ РОСА», Todd C. Miller, АО «СберТех», АО "НППКТ", ООО «НЦПР»

Software Name

Ubuntu, Debian GNU/Linux, РЕД ОС (запись в едином реестре российских программ №3751), Astra Linux Special Edition (запись в едином реестре российских программ №369), Red Hat Enterprise Linux, Astra Linux Common Edition (запись в едином реестре российских программ №4433), РОСА ХРОМ (запись в едином реестре российских программ №1607), Sudo, Platform V SberLinux OS Server (запись в едином реестре российских программ №18785), ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), МСВСфера

Software Version

14.04 LTS (Ubuntu), 16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 20.04 LTS (Ubuntu), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (РЕД ОС), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 22.04 LTS (Ubuntu), 9 (Red Hat Enterprise Linux), 1.6 «Смоленск» (Astra Linux Common Edition), 12.4 (РОСА ХРОМ), 24.04 LTS (Ubuntu), 1.8 (Astra Linux Special Edition), 24.10 (Ubuntu), 25.04 (Ubuntu), 10 (Red Hat Enterprise Linux), от 1.8.8 до 1.9.17p1 (Sudo), 9.1 (Platform V SberLinux OS Server), до 2.14 (ОСОН ОСнова Оnyx), 9.5 (МСВСфера), 3.8 (Astra Linux Special Edition)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Sudo: https://www.openwall.com/lists/oss-security/2025/06/30/2 https://www.sudo.ws/security/advisories/host_any/ Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/CVE-2025-32462 Для программных продуктов Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2025-32462 Для программных продуктов Ubuntu: https://ubuntu.com/security/CVE-2025-32462 Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/ Для ОС Astra Linux: обновить пакет sudo до 1.9.13p3-1+deb12u1.astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18 Для операционной системы РОСА ХРОМ: https://abf.rosa.ru/advisories/ROSA-SA-2025-2973 Для ОС Astra Linux: обновить пакет sudo до 1.8.27-1+deb10u6.astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0923SE17 Обновление программного обеспечения sudo до версии 1.9.5p2-3+deb11u2.osnova2u1 Для ОС Astra Linux: обновить пакет sudo до 1.8.27-1+deb10u6.astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-1020SE47 Для МСВСфера: https://errata.msvsphere-os.ru/definition/9/INFCSA-2025:9978?lang=ru Для ОС Astra Linux: обновить пакет sudo до 1.8.19p1-2.1+deb9u7+ci202512021609+astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16 Для ОС Astra Linux: обновить пакет sudo до 1.9.13p3-1+deb12u1.astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38 Для ОС Astra Linux: обновить пакет sudo до 1.9.13p3-1+deb12u1.astra1 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38

Reference

https://www.openwall.com/lists/oss-security/2025/06/30/2 https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host https://access.redhat.com/security/cve/CVE-2025-32462 https://security-tracker.debian.org/tracker/CVE-2025-32462 https://ubuntu.com/security/CVE-2025-32462 http://repo.red-soft.ru/redos/7.3c/x86_64/updates/ https://www.sudo.ws/security/advisories/host_any/ https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18 https://abf.rosa.ru/advisories/ROSA-SA-2025-2973 https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0923SE17 https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.14/ https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-1020SE47 https://errata.msvsphere-os.ru/definition/9/INFCSA-2025:9978?lang=ru https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16 https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38 https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38

CWE

CWE-863

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:H/Au:S/C:N/I:P/A:N",
  "CVSS 3.0": "AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Red Hat Inc., \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb, Todd C. Miller, \u0410\u041e \u00ab\u0421\u0431\u0435\u0440\u0422\u0435\u0445\u00bb, \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", \u041e\u041e\u041e \u00ab\u041d\u0426\u041f\u0420\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "14.04 LTS (Ubuntu), 16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 20.04 LTS (Ubuntu), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 7.3 (\u0420\u0415\u0414 \u041e\u0421), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition), 22.04 LTS (Ubuntu), 9 (Red Hat Enterprise Linux), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Common Edition), 12.4 (\u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c), 24.04 LTS (Ubuntu), 1.8 (Astra Linux Special Edition), 24.10 (Ubuntu), 25.04 (Ubuntu), 10 (Red Hat Enterprise Linux), \u043e\u0442 1.8.8 \u0434\u043e 1.9.17p1 (Sudo), 9.1 (Platform V SberLinux OS Server), \u0434\u043e 2.14 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), 9.5 (\u041c\u0421\u0412\u0421\u0444\u0435\u0440\u0430), 3.8 (Astra Linux Special Edition)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Sudo:\nhttps://www.openwall.com/lists/oss-security/2025/06/30/2\nhttps://www.sudo.ws/security/advisories/host_any/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/CVE-2025-32462\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2025-32462\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Ubuntu:\nhttps://ubuntu.com/security/CVE-2025-32462\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 sudo \u0434\u043e 1.9.13p3-1+deb12u1.astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18\n\n\u0414\u043b\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c: https://abf.rosa.ru/advisories/ROSA-SA-2025-2973\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 sudo \u0434\u043e 1.8.27-1+deb10u6.astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0923SE17\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f sudo \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1.9.5p2-3+deb11u2.osnova2u1\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 sudo \u0434\u043e 1.8.27-1+deb10u6.astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-1020SE47\n\n\u0414\u043b\u044f \u041c\u0421\u0412\u0421\u0444\u0435\u0440\u0430: https://errata.msvsphere-os.ru/definition/9/INFCSA-2025:9978?lang=ru\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 sudo \u0434\u043e 1.8.19p1-2.1+deb9u7+ci202512021609+astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 sudo \u0434\u043e 1.9.13p3-1+deb12u1.astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux:\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 sudo \u0434\u043e 1.9.13p3-1+deb12u1.astra1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "30.06.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "16.02.2026",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "11.07.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-08356",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-32462, RHSA-2025:9978",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Debian GNU/Linux, \u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Red Hat Enterprise Linux, Astra Linux Common Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161607), Sudo, Platform V SberLinux OS Server (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211618785), \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u041c\u0421\u0412\u0421\u0444\u0435\u0440\u0430",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 14.04 LTS , Canonical Ltd. Ubuntu 16.04 LTS , Canonical Ltd. Ubuntu 18.04 LTS , Canonical Ltd. Ubuntu 20.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , \u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Canonical Ltd. Ubuntu 22.04 LTS , Red Hat Inc. Red Hat Enterprise Linux 9 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Common Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21164433), \u0410\u041e \u00ab\u041d\u0422\u0426 \u0418\u0422 \u0420\u041e\u0421\u0410\u00bb \u0420\u041e\u0421\u0410 \u0425\u0420\u041e\u041c 12.4  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21161607), Canonical Ltd. Ubuntu 24.04 LTS , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.8  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Canonical Ltd. Ubuntu 24.10 , Canonical Ltd. Ubuntu 25.04 , Red Hat Inc. Red Hat Enterprise Linux 10 , \u0410\u041e \u00ab\u0421\u0431\u0435\u0440\u0422\u0435\u0445\u00bb Platform V SberLinux OS Server 9.1  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211618785), \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.14  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u041e\u041e\u041e \u00ab\u041d\u0426\u041f\u0420\u00bb \u041c\u0421\u0412\u0421\u0444\u0435\u0440\u0430 9.5 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 3.8  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Sudo, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f (CWE-863)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Sudo \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.openwall.com/lists/oss-security/2025/06/30/2\nhttps://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host\nhttps://access.redhat.com/security/cve/CVE-2025-32462\nhttps://security-tracker.debian.org/tracker/CVE-2025-32462\nhttps://ubuntu.com/security/CVE-2025-32462\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/\nhttps://www.sudo.ws/security/advisories/host_any/\nhttps://wiki.astralinux.ru/astra-linux-se18-bulletin-2025-0811SE18\nhttps://abf.rosa.ru/advisories/ROSA-SA-2025-2973\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2025-0923SE17\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.14/\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2025-1020SE47\nhttps://errata.msvsphere-os.ru/definition/9/INFCSA-2025:9978?lang=ru\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20251225SE16\nhttps://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38\nhttps://wiki.astralinux.ru/astra-linux-se38-bulletin-2026-0126SE38",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-863",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 1)\n\u041d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 2,8)"
}

RHSA-2025:9978

Vulnerability from csaf_redhat - Published: 2025-06-30 19:59 - Updated: 2025-12-08 07:24

Summary

Red Hat Security Advisory: sudo security update

Severity

Important

Notes

Topic: An update for sudo is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): * sudo: LPE via host option (CVE-2025-32462) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2025-32462

A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option (`-h` or `--host`). When using the default sudo security policy plugin (sudoers), the host option is intended to be used in conjunction with the list option (`-l` or `--list`) to determine what permissions a user has on a different system. However, this restriction can be bypassed, allowing a user to elevate their privileges on one system to the privileges they may have on a different system, effectively ignoring the host identifier in any sudoers rules. This vulnerability is particularly impactful for systems that share a single sudoers configuration file across multiple computers or use network-based user directories, such as LDAP, to provide sudoers rules on a system.

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-863 - Incorrect Authorization

Vendor Fix For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 https://access.redhat.com/errata/RHSA-2025:9978

Workaround For environments using sudoers files: Remove rules defined in sudoers files that are for any system other than the local system. For environments using LDAP: Use a narrow-scoped search path in the SSSD configuration so rules that don’t apply to a system are not included in the LDAP query results.

References

URL

Category

	https://access.redhat.com/errata/RHSA-2025:9978	self
	https://access.redhat.com/security/updates/classi…	external
	https://bugzilla.redhat.com/show_bug.cgi?id=2374692	external
	https://security.access.redhat.com/data/csaf/v2/a…	self
	https://access.redhat.com/security/cve/CVE-2025-32462	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2374692	external
	https://www.cve.org/CVERecord?id=CVE-2025-32462	external
	https://nvd.nist.gov/vuln/detail/CVE-2025-32462	external
	https://www.stratascale.com/resource/cve-2025-324…	external
	https://www.sudo.ws/security/advisories/host_any/	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for sudo is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.\n\nSecurity Fix(es):\n\n* sudo: LPE via host option (CVE-2025-32462)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:9978",
        "url": "https://access.redhat.com/errata/RHSA-2025:9978"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2374692",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374692"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_9978.json"
      }
    ],
    "title": "Red Hat Security Advisory: sudo security update",
    "tracking": {
      "current_release_date": "2025-12-08T07:24:38+00:00",
      "generator": {
        "date": "2025-12-08T07:24:38+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.13"
        }
      },
      "id": "RHSA-2025:9978",
      "initial_release_date": "2025-06-30T19:59:51+00:00",
      "revision_history": [
        {
          "date": "2025-06-30T19:59:51+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-06-30T19:59:51+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-12-08T07:24:38+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream (v. 9)",
                  "product_id": "AppStream-9.6.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux BaseOS (v. 9)",
                "product": {
                  "name": "Red Hat Enterprise Linux BaseOS (v. 9)",
                  "product_id": "BaseOS-9.6.0.Z.MAIN.EUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64",
                "product": {
                  "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64",
                  "product_id": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-python-plugin@1.9.5p2-10.el9_6.1?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64",
                "product": {
                  "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64",
                  "product_id": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-debugsource@1.9.5p2-10.el9_6.1?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
                "product": {
                  "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
                  "product_id": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-debuginfo@1.9.5p2-10.el9_6.1?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
                "product": {
                  "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
                  "product_id": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-python-plugin-debuginfo@1.9.5p2-10.el9_6.1?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-0:1.9.5p2-10.el9_6.1.aarch64",
                "product": {
                  "name": "sudo-0:1.9.5p2-10.el9_6.1.aarch64",
                  "product_id": "sudo-0:1.9.5p2-10.el9_6.1.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo@1.9.5p2-10.el9_6.1?arch=aarch64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le",
                "product": {
                  "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le",
                  "product_id": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-python-plugin@1.9.5p2-10.el9_6.1?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le",
                "product": {
                  "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le",
                  "product_id": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-debugsource@1.9.5p2-10.el9_6.1?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
                "product": {
                  "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
                  "product_id": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-debuginfo@1.9.5p2-10.el9_6.1?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
                "product": {
                  "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
                  "product_id": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-python-plugin-debuginfo@1.9.5p2-10.el9_6.1?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-0:1.9.5p2-10.el9_6.1.ppc64le",
                "product": {
                  "name": "sudo-0:1.9.5p2-10.el9_6.1.ppc64le",
                  "product_id": "sudo-0:1.9.5p2-10.el9_6.1.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo@1.9.5p2-10.el9_6.1?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64",
                "product": {
                  "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64",
                  "product_id": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-python-plugin@1.9.5p2-10.el9_6.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64",
                "product": {
                  "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64",
                  "product_id": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-debugsource@1.9.5p2-10.el9_6.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
                "product": {
                  "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
                  "product_id": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-debuginfo@1.9.5p2-10.el9_6.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
                "product": {
                  "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
                  "product_id": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-python-plugin-debuginfo@1.9.5p2-10.el9_6.1?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-0:1.9.5p2-10.el9_6.1.x86_64",
                "product": {
                  "name": "sudo-0:1.9.5p2-10.el9_6.1.x86_64",
                  "product_id": "sudo-0:1.9.5p2-10.el9_6.1.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo@1.9.5p2-10.el9_6.1?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x",
                "product": {
                  "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x",
                  "product_id": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-python-plugin@1.9.5p2-10.el9_6.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x",
                "product": {
                  "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x",
                  "product_id": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-debugsource@1.9.5p2-10.el9_6.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
                "product": {
                  "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
                  "product_id": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-debuginfo@1.9.5p2-10.el9_6.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
                "product": {
                  "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
                  "product_id": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo-python-plugin-debuginfo@1.9.5p2-10.el9_6.1?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "sudo-0:1.9.5p2-10.el9_6.1.s390x",
                "product": {
                  "name": "sudo-0:1.9.5p2-10.el9_6.1.s390x",
                  "product_id": "sudo-0:1.9.5p2-10.el9_6.1.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo@1.9.5p2-10.el9_6.1?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "sudo-0:1.9.5p2-10.el9_6.1.src",
                "product": {
                  "name": "sudo-0:1.9.5p2-10.el9_6.1.src",
                  "product_id": "sudo-0:1.9.5p2-10.el9_6.1.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/sudo@1.9.5p2-10.el9_6.1?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-0:1.9.5p2-10.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.aarch64"
        },
        "product_reference": "sudo-0:1.9.5p2-10.el9_6.1.aarch64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-0:1.9.5p2-10.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.ppc64le"
        },
        "product_reference": "sudo-0:1.9.5p2-10.el9_6.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-0:1.9.5p2-10.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.s390x"
        },
        "product_reference": "sudo-0:1.9.5p2-10.el9_6.1.s390x",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-0:1.9.5p2-10.el9_6.1.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.src"
        },
        "product_reference": "sudo-0:1.9.5p2-10.el9_6.1.src",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-0:1.9.5p2-10.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.x86_64"
        },
        "product_reference": "sudo-0:1.9.5p2-10.el9_6.1.x86_64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64"
        },
        "product_reference": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le"
        },
        "product_reference": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x"
        },
        "product_reference": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64"
        },
        "product_reference": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64"
        },
        "product_reference": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le"
        },
        "product_reference": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x"
        },
        "product_reference": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64"
        },
        "product_reference": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64"
        },
        "product_reference": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le"
        },
        "product_reference": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x"
        },
        "product_reference": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64"
        },
        "product_reference": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64"
        },
        "product_reference": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le"
        },
        "product_reference": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x"
        },
        "product_reference": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
          "product_id": "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64"
        },
        "product_reference": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
        "relates_to_product_reference": "AppStream-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-0:1.9.5p2-10.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.aarch64"
        },
        "product_reference": "sudo-0:1.9.5p2-10.el9_6.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-0:1.9.5p2-10.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.ppc64le"
        },
        "product_reference": "sudo-0:1.9.5p2-10.el9_6.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-0:1.9.5p2-10.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.s390x"
        },
        "product_reference": "sudo-0:1.9.5p2-10.el9_6.1.s390x",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-0:1.9.5p2-10.el9_6.1.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.src"
        },
        "product_reference": "sudo-0:1.9.5p2-10.el9_6.1.src",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-0:1.9.5p2-10.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.x86_64"
        },
        "product_reference": "sudo-0:1.9.5p2-10.el9_6.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64"
        },
        "product_reference": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le"
        },
        "product_reference": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x"
        },
        "product_reference": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64"
        },
        "product_reference": "sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64"
        },
        "product_reference": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le"
        },
        "product_reference": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x"
        },
        "product_reference": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64"
        },
        "product_reference": "sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64"
        },
        "product_reference": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le"
        },
        "product_reference": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x"
        },
        "product_reference": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64"
        },
        "product_reference": "sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64"
        },
        "product_reference": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le"
        },
        "product_reference": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x"
        },
        "product_reference": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
          "product_id": "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64"
        },
        "product_reference": "sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
        "relates_to_product_reference": "BaseOS-9.6.0.Z.MAIN.EUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-32462",
      "cwe": {
        "id": "CWE-863",
        "name": "Incorrect Authorization"
      },
      "discovery_date": "2025-06-24T21:21:40.408000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2374692"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option (`-h` or `--host`). When using the default sudo security policy plugin (sudoers), the host option is intended to be used in conjunction with the list option (`-l` or `--list`) to determine what permissions a user has on a different system. However, this restriction can be bypassed, allowing a user to elevate their privileges on one system to the privileges they may have on a different system, effectively ignoring the host identifier in any sudoers rules. This vulnerability is particularly impactful for systems that share a single sudoers configuration file across multiple computers or use network-based user directories, such as LDAP, to provide sudoers rules on a system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "sudo: LPE via host option",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is classified as a Local Privilege Escalation (LPE), meaning an attacker needs an authenticated account before they could exploit it. Due to this restriction, the severity is rated Important. Additionally, for a system to be vulnerable, it must already be in a non-default configuration.\n\nThe system\u2019s sudoers file must contain rules that define that user\u2019s privileges on a different system. There are multiple mechanisms a system administrator could use to distribute sudoers rules, such as LDAP, Ansible playbooks, or via inclusion in a \u201cGolden Image,\u201d and therefore may be affected by this vulnerability. In environments using LDAP to manage sudoers files, look for sudoRoles objects that use sudoHost values to manage different levels of user privliges across multiple systems.\n\nIn situations where host A\u2019s sudoers rules include permissions defined for another host B, a user on host A could use the privileges granted to them on host B while logged into host A. For example, a sudoers file on hostA and hostB might include the following rules:\n```\nAlice\thostA = ALL\nBob\thostB = ALL\n```\nIf Bob logs into hostA and runs `sudo some command`, Sudo will check that Bob has permission to run `some command` on hostA. Since Bob does NOT have that privilege on hostA, Sudo will deny the requested command.\n\nHowever, the local Sudo rules on hostA can be bypassed if Bob logs into hostA and runs `sudo -h hostB some command`. In this case, Sudo will verify that Bob has permission to run `some command` on hostB. Since Bob does have that privilege, Sudo will run the requested command on hostA, where Bob is currently logged in.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.s390x",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.src",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
          "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.src",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
          "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-32462"
        },
        {
          "category": "external",
          "summary": "RHBZ#2374692",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374692"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-32462",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-32462"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-32462",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-32462"
        },
        {
          "category": "external",
          "summary": "https://www.stratascale.com/resource/cve-2025-32462-sudo-host-option-vulnerability/",
          "url": "https://www.stratascale.com/resource/cve-2025-32462-sudo-host-option-vulnerability/"
        },
        {
          "category": "external",
          "summary": "https://www.sudo.ws/security/advisories/host_any/",
          "url": "https://www.sudo.ws/security/advisories/host_any/"
        }
      ],
      "release_date": "2025-06-30T14:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-30T19:59:51+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.src",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.src",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9978"
        },
        {
          "category": "workaround",
          "details": "For environments using sudoers files: Remove rules defined in sudoers files that are for any system other than the local system.\n\nFor environments using LDAP: Use a narrow-scoped search path in the SSSD configuration so rules that don\u2019t apply to a system are not included in the LDAP query results.",
          "product_ids": [
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.src",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.src",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.0,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.src",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
            "AppStream-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.src",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-debugsource-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-0:1.9.5p2-10.el9_6.1.x86_64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.aarch64",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.ppc64le",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.s390x",
            "BaseOS-9.6.0.Z.MAIN.EUS:sudo-python-plugin-debuginfo-0:1.9.5p2-10.el9_6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "sudo: LPE via host option"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2025-08356

RHSA-2025:9978

Tags

Sightings

Nomenclature