rootio-linux: Unauthenticated Remote Code Execution via Malicious Packages

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

rootio-linux: Unauthenticated Remote Code Execution via Malicious Packages

ROOT-OS-UBUNTU-2404-CVE-2025-40153

Summary

The rootio-linux package for Ubuntu 24.04 has a security flaw that could allow an attacker to run malicious code on your system without a password. This could happen if you download and install a fake or tampered package. To stay safe, make sure to install the latest patched version of rootio-linux.

What to do

Update rootio-linux to version 6.8.0-90.91.root.io.30.

Affected software

Vendor	Product	Affected versions	Fix available
–	rootio-linux	<= 6.8.0-90.91.root.io.30	6.8.0-90.91.root.io.30

Original title

CVE-2025-40153 in rootio-linux - Patched by Root

Original description

Root has patched CVE-2025-40153 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available.

Published: 7 Mar 2026 · Updated: 13 Mar 2026 · First seen: 7 Mar 2026