0x00 Vulnerability ID
-
CVE-2025-32462
-
CVE-2025-32463
0x01 Danger Level
- High Risk
0x02 Vulnerability Overview
Sudo is a tool used in Unix-like systems that allows authorized users to execute commands with the security privileges of another user, widely used in system administration and operations.
0x03 Vulnerability DetailsCVE-2025-32462Vulnerability Type:Local Privilege EscalationImpact:Privilege EscalationSummary:The Linux sudo host privilege escalation vulnerability arises from the incorrect application of the -h (–host) option’s remote host rules to the local context, allowing attackers to bypass permissions and escalate to root to execute arbitrary code. Local attackers can exploit this vulnerability to gain root privileges.CVE-2025-32463Vulnerability Type:Local Privilege EscalationImpact:Privilege EscalationSummary:The Linux sudo chroot privilege escalation vulnerability allows local low-privileged users to trigger dynamic library loading through a specially crafted malicious chroot environment, thereby executing arbitrary code with root privileges.0x04 Affected Versions
CVE-2025-32462
-
1.9.0 <= sudo <= 1.9.17
-
1.8.8 <= sudo <= 1.8.32
CVE-2025-32463
-
1.9.14 <= sudo <= 1.9.17
0x05 POC Status
- Publicly Disclosed
0x06 Fix Recommendations
The official patch has been released, and users are advised to upgrade to a secure version.:https://www.sudo.ws/