
    Severe Sudo Security Flaws Let Local Users Gain Root Privileges on Linux Systems

    Two significant vulnerabilities have been uncovered in the Sudo command-line tool, widely used across Linux and Unix-like operating systems, that could allow local users to escalate privileges and gain root access on affected systems.

    Here’s a summary of the issues:

    • CVE-2025-32462 (CVSS score: 2.8) — A flaw in Sudo versions before 1.9.17p1 allows users listed in a sudoers file referencing a specific host (other than the current host or “ALL”) to run commands on unintended machines. This primarily impacts setups where a common sudoers file is shared across multiple systems.

    • CVE-2025-32463 (CVSS score: 9.3) — A critical vulnerability in Sudo versions before 1.9.17p1 that lets any local user gain root access. This is due to improper handling of /etc/nsswitch.conf from a user-controlled directory when using Sudo’s --chroot option. The flaw allows attackers to load arbitrary shared libraries and execute malicious commands with elevated privileges.

    Sudo is designed to let low-privileged users execute commands as another user, typically the superuser, while enforcing least-privilege principles. It’s configured via the /etc/sudoers file, which defines who can run what commands, as which users, and on which systems.

    The first flaw (CVE-2025-32462) arises from the -h (host) option introduced in 2013. The bug allows commands authorized for a remote host to be mistakenly executed locally, affecting environments that share sudoers files across machines, including those using LDAP-based configurations.

    The second flaw (CVE-2025-32463) is especially severe because it impacts default Sudo configurations. It requires no special sudoers rules and can be exploited by any unprivileged local user to achieve root access. The maintainers of Sudo plan to remove the --chroot option in future releases due to its complexity and risk.

    Both issues were responsibly disclosed in April 2025 and have been patched in Sudo version 1.9.17p1. Major Linux distributions, including AlmaLinux, Alpine Linux, Amazon Linux, Debian, Gentoo, Oracle Linux, Red Hat, SUSE, and Ubuntu, have issued advisories. All users are urged to update to the latest Sudo packages to mitigate these risks.
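
    As an added example (not code from the article or the Sudo project), the Python sketch below compares a reported Sudo version against 1.9.17p1 and lists the rules in a shared sudoers file that are scoped to hosts other than the local one, which are the rules CVE-2025-32462 concerns. The function names, host names and sample sudoers text are constructed for illustration, and the parser is deliberately simplified.

```python
import re

FIXED = (1, 9, 17, 1)  # 1.9.17p1, the patched release named in the article

def parse_version(text):
    """Turn '1.9.17p1' or a 'Sudo version 1.9.15p5' line into a sortable tuple."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?", text)
    if not m:
        raise ValueError(f"no sudo version in {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def is_unpatched(version_text):
    return parse_version(version_text) < FIXED

def host_scoped_rules(sudoers_text, local_host):
    """Return (user, hosts) for rules naming neither ALL nor local_host.
    Simplified (assumption): one user token per rule, exact host names only,
    no include files, netgroups, wildcards or negation."""
    text = sudoers_text.replace("\\\n", " ")           # join continuation lines
    lines = [l.split("#", 1)[0].strip() for l in text.splitlines()]
    aliases, findings = {}, []
    for line in lines:                                  # pass 1: Host_Alias definitions
        if line.startswith("Host_Alias"):
            name, members = line[len("Host_Alias"):].split("=", 1)
            aliases[name.strip()] = [h.strip() for h in members.split(",")]
    for line in lines:                                  # pass 2: user specifications
        m = re.match(r"(\S+)\s+([^=]+?)\s*=", line)
        if re.match(r"(Defaults|\w+_Alias)\b", line) or not m:
            continue
        hosts = []
        for h in m.group(2).split(","):                 # expand aliases to host names
            hosts.extend(aliases.get(h.strip(), [h.strip()]))
        if "ALL" not in hosts and local_host not in hosts:
            findings.append((m.group(1), hosts))
    return findings

# Constructed sample of a sudoers file shared across several machines.
SAMPLE = """\
Defaults secure_path="/usr/sbin:/usr/bin"
Host_Alias DBS = db1, db2
root    ALL=(ALL:ALL) ALL
alice   web1 = (root) /usr/bin/systemctl restart nginx
bob     DBS = (postgres) \\
        /usr/bin/pg_dump
carol   app1, web1 = (root) /usr/bin/journalctl
"""

if __name__ == "__main__":
    print(is_unpatched("Sudo version 1.9.15p5"), host_scoped_rules(SAMPLE, "app1"))
```

    Distribution packages may carry a backported fix without changing the upstream version string, so confirm a positive `is_unpatched` result against the vendor advisory for that package.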
