FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

sudo-rs -- Partial password reveal when password timeout occurs

Affected packages
0.2.7 <= sudo-rs < 0.2.10
0.2.7 <= sudo-rs-coexist < 0.2.10

Details

VuXML ID c1ceaaea-c2e7-11f0-8372-98b78501ef2a
Discovery 2025-11-12
Entry 2025-11-16

Trifecta Tech Foundation reports:

When typing partial passwords but not pressing return for a long time, a password timeout can occur. When this happens, the keys pressed are replayed onto the console.

[source]

References

CVE Name CVE-2025-64170
URL https://cveawg.mitre.org/api/cve/CVE-2025-64170

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.