Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros.
Cybersecurity researchers have disclosed two security flaws in the Sudo command-line utility for Linux and Unix-like operating systems that could enable local attackers to escalate their privileges to root on susceptible machines.
A brief description of the vulnerabilities is below –
- CVE-2025-32462 (CVSS score: 2.8) – Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines
- CVE-2025-32463 (CVSS score: 9.3) – Sudo before 1.9.17p1 allows local users to obtain root access because “/etc/nsswitch.conf” from a user-controlled directory is used with the –chroot option
Sudo is a command-line tool that allows low-privileged users to run commands as another user, such as the superuser. By executing instructions with sudo, the idea is to enforce the principle of least privilege, permitting users to carry out administrative actions without the need for elevated permissions.
The command is configured through a file called “/etc/sudoers,” which determines “who can run what commands as what users on what machines and can also control special things such as whether you need a password for particular commands.”
