Slashdot: Two Sudo Vulnerabilities Discovered and Patched

Jul 5, 2025

—

Source URL: https://linux.slashdot.org/story/25/07/05/0323220/two-sudo-vulnerabilities-discovered-and-patched?utm_source=rss1.0mainlinkanon&utm_medium=feed
Source: Slashdot
Title: Two Sudo Vulnerabilities Discovered and Patched

Feedly Summary:

AI Summary and Description: Yes

Summary: The text discusses recently disclosed security vulnerabilities in Sudo that allow local attackers to escalate their privileges. Researchers have identified two critical flaws, CVE-2025-32462 and CVE-2025-32463, which could potentially expose systems to security risks and are relevant for professionals focused on software and information security.

Detailed Description:

The text highlights significant vulnerabilities found in the Sudo program, a widely used command-line utility in Unix and Linux systems. The vulnerabilities, identified by a researcher from Stratascale, allow local users to elevate their privileges to root access in vulnerable systems, raising critical concerns for system and security administrators.

Key Points:
– **Vulnerability Details**:
– **CVE-2025-32462**:
– Exists due to the ‘-h’ option in Sudo, which allows users to list their sudo privileges for different hosts.
– Exploitation could allow commands permitted on a remote host to be executed on a local machine.
– This flaw has been present for over 12 years and primarily affects systems that share a common sudoers file across multiple machines.

– **CVE-2025-32463**:
– Exploits the ‘-R’ (chroot) option of Sudo, allowing arbitrary command execution as root regardless of the sudoers file configuration.
– This vulnerability poses severe risks since it does not require any rules to be defined for the user in the Sudo configuration.

– **Critical Severity**: Both vulnerabilities are classified as critical and require immediate attention for mitigation.

– **Implications**:
– Systems running vulnerable versions of Sudo are at high risk, especially if they use LDAP-based sudoers configurations.
– The default configuration of Sudo is vulnerable, thus necessitating updates to protect against these exploits.

– **Future Mitigation**:
– The maintainer of the Sudo project has stated that the problematic chroot feature will be removed in future releases, indicating a proactive step towards enhancing the security of the utility.

This analysis underscores the importance for security professionals to implement updates promptly and reassess their Sudo configurations to prevent potential privilege escalation attacks. Regular audits and security reviews of tools like Sudo are essential in maintaining system integrity and safeguarding sensitive information.

1 2 2025 24 3 4 5 7 a access Act administrators AI analysis and Arch as ated attack attackers attacks audit Audits AWS based Bi by C CERN chroot CI CIA class closed co command command execution concerns Configuration configurations core critical critical flaw critical flaws cross CVE D de DeFi DoT e event execution exp exploit Exploitation exploits fault feature file fine flaws focused for future g H high Highlight HR http HTTPS implications in information information security integrity inux io J k Key l law led Li Link Linux local local attacker local attackers low M mac machine man media mini mitigation multi N NIST Nix no non o oE of on opt ory oS over Patch point potential pre privilege escalation pro proactive problem professionals project prompt ps Q R raising RCE red release releases remote research researchers review Risk risks Ro Root root access RoT s safe Scale search sec security security professionals security reviews security risk security risks Security Vulnerabilities sensitive information severity SHA Sig software source SSE state sudo system system integrity systems T Tails ted text the to tool tools Tor TP two UI under Unix up update updates US use user Users V version vulnerabilities vulnerability Ware Wi x