learnsecurity.online

⚠️ Critical sudo Vulnerabilities Allow Local Privilege Escalation – Patch Immediately

🔍 1. Two New Vulnerabilities Found in sudo Security researchers have disclosed two high-impact vulnerabilities in the widely used sudo utility on Linux and UNIX-based systems. If left unpatched, local users can escalate privileges to root, putting entire systems at risk. Vulnerability Details: ⚙️ 2. Why This Matters The sudo command is essential for privilege…

StarLearn

🔍 1. Two New Vulnerabilities Found in sudo

Security researchers have disclosed two high-impact vulnerabilities in the widely used sudo utility on Linux and UNIX-based systems. If left unpatched, local users can escalate privileges to root, putting entire systems at risk.

Vulnerability Details:

  • CVE-2025-32462 (CVSS 2.8): Affects sudo before version 1.9.17p1 when the sudoers file contains a misconfigured or ALL host entry. This may allow local execution bypassing restrictions.
  • CVE-2025-32463 (CVSS 9.3): Allows an attacker to use the --chroot option to load a custom nsswitch.conf file from a user-controlled directory, potentially gaining root-level access.

⚙️ 2. Why This Matters

The sudo command is essential for privilege delegation in UNIX-like systems. These vulnerabilities undermine that security by:

  • Exploiting the -h (host) option to bypass host restrictions.
  • Exploiting the -R (chroot) option to inject malicious system configuration files that affect authentication and privilege checks.

In both cases, attackers do not need to be listed in the sudoers file with proper permissions.

🌐 3. Affected Linux Distributions

CVE‑2025‑32462 affects:

  • AlmaLinux, Alpine, Amazon Linux, Debian, Gentoo, Oracle Linux, Red Hat, SUSE, Ubuntu

CVE‑2025‑32463 affects:

  • Alpine, Amazon Linux, Debian, Gentoo, Red Hat, SUSE, Ubuntu

Almost all modern distros are impacted if not yet upgraded to the latest sudo version.

🛠️ 4. How to Fix It

The vulnerabilities are patched in sudo 1.9.17p1, released in June 2025. Immediate action is recommended:

  • Use your system’s package manager to update:
    • apt (Debian/Ubuntu)
    • yum (Red Hat/CentOS/AlmaLinux)
    • zypper (SUSE)
  • Confirm the version using: bashSao chépChỉnh sửasudo --version
  • Note: Even when using LDAP or SSSD for sudoers, systems must still be patched.

✅ 5. Recommendations from StarLearn Security Online

To minimize exposure, StarLearn Security Online recommends the following actions:

  1. 🔄 Immediately patch all systems running sudo < 1.9.17p1.
  2. 🛡️ Run automated scans to identify vulnerable endpoints.
  3. 🧩 Review sudoers configurations to detect misused host or chroot entries.
  4. 🚫 Restrict use of --chroot and avoid wildcard host permissions (ALL) unless explicitly required.
  5. 🕵️‍♂️ Monitor sudo logs and commands, especially from unprivileged users.

📌 Summary

  • Two critical sudo vulnerabilities (CVE‑2025‑32462 and CVE‑2025‑32463) enable local users to gain root access.
  • The attack vectors exploit misconfigured host and chroot options in the sudo command.
  • Affected systems include nearly all major Linux distributions.
  • Upgrade to sudo 1.9.17p1 immediately to prevent exploitation.

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending