
Urgent Alert: Critical Sudo Vulnerabilities Fixed—Update Your Linux Now!
2025-07-01
Author: Wei Ling
Attention all Linux users! If you haven’t updated your Sudo utility recently, it’s time to act fast. Two significant local privilege escalation vulnerabilities, identified as CVE-2025-32462 and CVE-2025-32463, were disclosed this past Monday, and they could leave your system exposed.
What is Sudo?
Sudo, short for "Superuser Do," is a powerful command-line utility in Unix-like operating systems. It allows users with lower privileges to execute commands as the root or administrator, granting temporary elevated access without requiring a root login.
The Security Flaws: A Closer Look
These vulnerabilities were brought to light by Rich Mirch from the Stratascale Cyber Research Unit. **CVE-2025-32462** is a low-severity escalation of privilege vulnerability that has sat unnoticed in Sudo's code for over a decade. The host option was intended to be used only together with the list option, to enumerate a user's sudo privileges, but a bug allowed it to be applied while running commands or using sudoedit.
Mirch explained that this flaw can easily enable privilege escalation to root if certain common configurations are in place. If your Sudo rules are restricted to specific hostnames, you might be vulnerable without even realizing it.
**CVE-2025-32463**, on the other hand, poses a much greater threat. This critical-severity flaw in Sudo's chroot option allows local users to gain root access on their systems. Because of a change introduced in Sudo version 1.9.14, an attacker can exploit it by redirecting command path resolution and forcing Sudo to load malicious libraries.
Impact and Affected Versions
CVE-2025-32462 impacts both stable versions (1.9.0 – 1.9.17) and legacy versions (1.8.8 – 1.8.32) of Sudo. However, CVE-2025-32463 only affects Sudo versions 1.9.14 to 1.9.17, as earlier legacy versions lack the vulnerable chroot feature.
Both vulnerabilities have been confirmed exploitable on popular Linux distributions like Ubuntu and Fedora, as well as macOS Sequoia.
What Should You Do?
The good news? Stratascale has patched these vulnerabilities in Sudo version 1.9.17p1, released in early June 2025. If you’re using a Linux distribution like Ubuntu, Debian, or SUSE, check your package manager for the latest updates. It’s imperative to secure your system and protect against potential breaches.
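To turn the version ranges above into a quick check, here is an added POSIX shell example (not from the post or the Sudo project) that compares a sudo version string against the affected ranges and the fixed release named in the post; the helper functions and sample versions are this example's own.

```shell
#!/bin/sh
# Added example (not from the post): classify a sudo version against the affected
# ranges the post quotes. Ranges and fixed release 1.9.17p1 come from the post.

# Map "MAJOR.MINOR.PATCH[pN]" to one comparable integer, e.g.
# 1.9.17 -> 1091700, 1.9.17p1 -> 1091701 (assumes each component < 100).
sudo_version_key() {
  v=$1
  base=${v%%p*}                     # "1.9.17"
  p=${v#"$base"}; p=${p#p}          # "1" for 1.9.17p1, empty otherwise
  old_ifs=$IFS; IFS=.; set -- $base; IFS=$old_ifs
  echo $(( ${1:-0} * 1000000 + ${2:-0} * 10000 + ${3:-0} * 100 + ${p:-0} ))
}

# Is version $1 within the inclusive range [$2, $3] (all version strings)?
in_range() {
  k=$(sudo_version_key "$1")
  [ "$k" -ge "$(sudo_version_key "$2")" ] && [ "$k" -le "$(sudo_version_key "$3")" ]
}

# Print the CVEs whose affected ranges include the given version, or
# "none-listed" when the post names no range containing it. Caveat: distros
# often backport the fix without changing the upstream version string, so
# treat a hit as "check your distribution's advisory", not as proof.
sudo_cve_status() {
  out=""
  if in_range "$1" 1.9.0 1.9.17 || in_range "$1" 1.8.8 1.8.32; then
    out="CVE-2025-32462"
  fi
  if in_range "$1" 1.9.14 1.9.17; then
    out="${out:+$out }CVE-2025-32463"
  fi
  echo "${out:-none-listed}"
}

# Version string of the installed sudo ("Sudo version X" is its first -V line).
installed_sudo_version() {
  command -v sudo >/dev/null 2>&1 || return 0
  sudo -V 2>/dev/null | sed -n 's/^Sudo version //p' | head -n 1
}

# Constructed sample versions, then the real installation when sudo exists.
for v in 1.8.7 1.8.32 1.9.13 1.9.15 1.9.17 1.9.17p1; do
  printf '%-10s %s\n' "$v" "$(sudo_cve_status "$v")"
done
inst=$(installed_sudo_version)
if [ -n "$inst" ]; then
  printf '%-10s %s (installed)\n' "$inst" "$(sudo_cve_status "$inst")"
fi
```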
Don’t take risks—update your Sudo installation today and safeguard your valuable data!