摘要:
sudo security update
安全等级: Low
公告ID: KylinSec-SA-2025-2704
发布日期: 2025年9月2日
关联CVE: CVE-2025-32462
Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done.
Security Fix(es):
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.(CVE-2025-32462)
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2025-32462 | KY3.4-5A | sudo | Fixed |
| 软件名称 | 架构 | 版本号 |
|---|---|---|
| sudo-help | noarch | 1.9.2-18.kb1.ky3_4 |
| sudo | x86_64 | 1.9.2-18.kb1.ky3_4 |
| sudo-devel | x86_64 | 1.9.2-18.kb1.ky3_4 |
| sudo | aarch64 | 1.9.2-18.kb1.ky3_4 |
| sudo-devel | aarch64 | 1.9.2-18.kb1.ky3_4 |
方法一:下载安装包进行升级安装
1、通过下载链接下载需要升级的升级包保存,如 xxx.rpm
2、通过rpm命令升级,如 rpm -Uvh xxx.rpm
方法二:通过软件源进行升级安装
1、保持能够连接上互联网
2、通过yum命令升级指定的包,如 yum install 包名
