rootio-linux: Unauthenticated Code Execution via Unvalidated User Input

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

rootio-linux: Unauthenticated Code Execution via Unvalidated User Input

ROOT-OS-DEBIAN-11-CVE-2025-38177

Summary

An issue was discovered in the rootio-linux package. An attacker could potentially run arbitrary code on your server by sending malicious input. Root has released a patch to fix this, so you should update to a fixed version of the software as soon as possible to protect your system.

What to do

Update rootio-linux to version 5.10.247-1.root.io.42.

Affected software

Vendor	Product	Affected versions	Fix available
–	rootio-linux	<= 5.10.247-1.root.io.42	5.10.247-1.root.io.42

Original title

CVE-2025-38177 in rootio-linux - Patched by Root

Original description

Root has patched CVE-2025-38177 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available.

Published: 12 Mar 2026 · Updated: 13 Mar 2026 · First seen: 13 Mar 2026