Memory Leak Vulnerability in sudo-rs Implementation by Trifecta Tech Foundation
CVE-2025-64170

3.8LOW

Key Information:

Vendor: Trifectatechfoundation
Status: Sudo-rs
Vendor: CVE Published:; 12 November 2025

🔔 Create Trifectatechfoundation Vulnerability Alert

What is CVE-2025-64170?

The sudo-rs application, a secure implementation of sudo and su, contains a vulnerability that affects users' password security. When inputting a password, if the user delays pressing return for too long, it leads to a password timeout. In this circumstance, the entered keystrokes are echoed back to the console, potentially exposing partial password information. This information can be misused, allowing attackers to exploit password history files and conduct social engineering or pass-by attacks. The vulnerability has been addressed in version 0.2.10, highlighting the importance of timely software updates to ensure user security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

sudo-rs >= 0.2.7, < 0.2.10

References

https://github.com/trifectatechfoundation/sudo-rs/securit...

x_refsource_CONFIRM

https://github.com/trifectatechfoundation/sudo-rs/release...

x_refsource_MISC

CVSS V3.1

Score:

3.8

Severity:

LOW

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2025
Vulnerability Reserved
Oct 28, 2025

JSON

Trifectatechfoundation

What is CVE-2025-64170?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.