rootio-linux: Unauthenticated command execution possible through configuration file

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

rootio-linux: Unauthenticated command execution possible through configuration file

ROOT-OS-UBUNTU-2404-CVE-2025-22086

Summary

A vulnerability in rootio-linux allows an attacker to execute arbitrary commands on the system by manipulating a configuration file. This could be exploited by an unauthorized user to gain access to the system. Update to a patched version of rootio-linux to resolve this issue.

What to do

Update rootio-linux to version 6.8.0-106.106.root.io.59.
Update rootio-linux to version 6.8.0-107.107.root.io.60.
Update rootio-linux to version 6.8.0-110.110.root.io.62.

Affected software

Ecosystem	Vendor	Product	Affected versions
Root:Ubuntu:24.04	–	rootio-linux	< 6.8.0-106.106.root.io.59 < 6.8.0-107.107.root.io.60 < 6.8.0-110.110.root.io.62 Fix: upgrade to 6.8.0-106.106.root.io.59

Original title

CVE-2025-22086 in rootio-linux - Patched by Root

Original description

Root has patched CVE-2025-22086 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available.

Published: 16 Apr 2026 · Updated: 16 Apr 2026 · First seen: 1 Apr 2026