· vulnerabilities  · 2 min read

Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462 & CVE-2025-32463)

Two privilege escalation flaws (CVE-2025-32462, CVE-2025-32463) in the widely used Sudo utility have been fixed. Update your Linux and macOS systems now.

Urgent: Critical Sudo Bugs Allow Full Root Access—Patch Now!

If you manage a Linux or Unix-like system, it’s time to stop what you’re doing and check for updates. Two significant vulnerabilities have been discovered in the ubiquitous Sudo utility, which could allow a local user to gain full root privileges.

Sudo, a fundamental command-line tool, allows standard users to run commands with the security privileges of another user, typically the “root” or administrator user. Its widespread use makes any vulnerability in it a serious threat to system security across the globe.

The two flaws were responsibly disclosed by Rich Mirch of the Stratascale Cyber Research Unit, and patches are now available.

CVE-2025-32462: A 12-Year-Old Bug

This low-severity but impactful vulnerability has been lurking in Sudo’s code for over a dozen years, affecting legacy versions from 1.8.8 and stable versions up to 1.9.17.

The flaw exists in the --host option, which is meant to list a user’s permissions on a different host. However, a bug allowed this option to be used when actually running a command or editing a file. In common configurations where Sudo rules are tied to specific hostnames, an attacker could exploit this to escalate their privileges without needing a complex exploit.

CVE-2025-32463: The Critical Chroot Flaw

This is the more severe of the two vulnerabilities, rated as critical. It affects Sudo versions 1.9.14 through 1.9.17. Legacy versions are not affected as they lack the vulnerable feature.

The flaw lies in the --chroot option, which allows a user to run a command in a different root directory. A change introduced in version 1.9.14 allowed an attacker to trick Sudo into loading a malicious shared library by creating a fake configuration file within the specified chroot directory. A successful exploit grants the attacker full root access on the system.

Researchers have confirmed that this vulnerability can be exploited on popular Linux distributions like Ubuntu and Fedora, as well as on Apple’s macOS Sequoia.

What You Need to Do

Both critical vulnerabilities have been patched in Sudo version 1.9.17p1.

Since Sudo is installed by default on nearly all Linux and macOS systems, immediate action is required. Major distributions, including Ubuntu, Debian, and SUSE, have already released updated packages containing the fix.

Check your system’s package manager now and apply the latest Sudo update to protect your servers and workstations from potential takeover. Don’t delay—this is a simple but critical patch to apply.

Newsletter Signup

News Feed

Get the Hottest Cybersecurity News Delivered to You!

Share:
← Back to News

Related News

Discover more news articles that might interest you

CISA Urges Immediate Patch for PHPMailer Vulnerability

CISA Urges Immediate Patch for PHPMailer Vulnerability

Parrot OS 6.4 Released with Kernel 6.12, New Hacking Tools

Parrot OS 6.4 Released with Kernel 6.12, New Hacking Tools

Critical Linux Vulnerability Allows Secure Boot Bypass via Initramfs

Critical Linux Vulnerability Allows Secure Boot Bypass via Initramfs

EU’s Push to Ditch Microsoft: A Boost for Linux or a Risky Gamble?

EU’s Push to Ditch Microsoft: A Boost for Linux or a Risky Gamble?

Ubuntu 24.10 “Oracular Oriole” Reaches End of Life, Upgrade to Ubuntu 25.04 Now

Ubuntu 24.10 “Oracular Oriole” Reaches End of Life, Upgrade to Ubuntu 25.04 Now

KDE Plasma 6.3.6 Released: Stability & Fixes

KDE Plasma 6.3.6 Released: Stability & Fixes