Vulnerability Research
I hunt for vulnerabilities in open and closed source software. Below are a list for some of my publicly acknowledged vulnerabilities. CVE-2025-32463 - Sudo chroot Elevation of Privilege Details can be found on my work blog at https://stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot PoC Mirror: https://github.com/mirchr/CVE-2025-32463-sudo-chwoot/ Vendor Advisory: https://www.sudo.ws/security/advisories/chroot_bug/ Media References: https://thehackernews.com/2025/09/cisa-sounds-alarm-on-critical-sudo-flaw.html https://www.bleepingcomputer.com/news/security/cisa-warns-of-critical-linux-sudo-flaw-exploited-in-attacks/ https://www.securityweek.com/organizations-warned-of-exploited-sudo-vulnerability/amp/ https://cyberpress.org/cisa-inux-and-unix-sudo-flaw/ https://thehackernews.com/2025/07/critical-sudo-vulnerabilities-let-local.html https://www.helpnetsecurity.com/2025/07/01/sudo-local-privilege-escalation-vulnerabilities-fixed-cve-2025-32462-cve-2025-32463/ https://cybersecuritynews.com/linux-sudo-chroot-vulnerability/ https://cybernews.com/security/critical-linux-sudo-flaw-discovered/ https://cyberpress.org/12-year-old-sudo-vulnerability/ https://www.infosecurity-magazine.com/news/linux-users-urged-to-patch/ https://gbhackers.com/12-year-old-sudo-vulnerability/ https://www.redhotcyber.com/en/post/linux-pwned-privilege-escalation-on-sudo-in-5-seconds-hackerhood-tests-the-cve-2025-32463-exploit/ https://thecyberwire.com/newsletters/daily-briefing/14/126 CVE-2025-32462 - Sudo Host Option Elevation of Privilege Details can be found on my work blog at https://stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host ...