
Linux Sudo Local Privilege Escalation Vulnerabilities (CVE-2025-32462 and CVE-2025-32463)

Jul 07, 2025 GMT+08:00

I. Overview

Huawei Cloud has noted that two local privilege escalation vulnerabilities in Linux sudo (CVE-2025-32462 and CVE-2025-32463) have been fixed. An attacker can exploit them to escalate from an ordinary user account to root. Proofs of concept and exploits for these vulnerabilities have been publicly disclosed, so the risk is high.

CVE-2025-32462 is a local privilege escalation vulnerability in Linux sudo. The flaw lies in the -h (--host) option, which was intended to be used together with -l (--list) to view a user's sudo privileges for a different host. However, sudo did not restrict the option to privilege listing, so an attacker can use it to run commands or to edit files with sudoedit and escalate privileges locally.

CVE-2025-32463 is a local privilege escalation vulnerability in Linux sudo. The sudo configuration does not restrict the use of chroot(). An unprivileged user can have sudo chroot() into a writable, untrusted path under the user's control, which triggers dynamic library loading from that path and results in arbitrary code execution with root privileges.

Sudo is a utility for Unix and Unix-like operating systems. It allows authorized users to securely run commands as other users (usually the superuser). It is widely used in system administration and maintenance and provides flexible access control, allowing administrators to specify precisely which users may execute which commands and under what conditions. If you use sudo, check your sudo version and apply security hardening promptly.

References:

https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host

https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot

II. Severity

Severity: important

(Severity levels: low, moderate, important, and critical)

III. Affected Products

Affected versions:

CVE-2025-32462:

1.9.0 <= sudo <= 1.9.17

1.8.8 <= sudo <= 1.8.32

CVE-2025-32463:

1.9.14 <= sudo <= 1.9.17

Note: Older sudo releases (<= 1.8.32) are not vulnerable to CVE-2025-32463 because they have no chroot feature.

Secure versions:

sudo >= 1.9.17p1
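As an added example (not part of this notice or of the sudo project), the following POSIX sh script maps a sudo version string onto the affected ranges listed above and reports which CVEs apply. The "MAJOR.MINOR.PATCHpN" version format it parses and the "Sudo version X.Y.Z" first line it reads from `sudo --version` are assumptions.

```shell
#!/bin/sh
# Added example (not from the notice or the sudo project): map a sudo
# version string onto the affected ranges this notice lists.

# Convert "MAJOR.MINOR.PATCH[pN]" into one comparable integer, three
# decimal digits per field: 1.9.17p1 -> 1009017001, 1.8.32 -> 1008032000.
sudo_version_key() {
    ver=${1%%-*}                    # drop any "-<distro revision>" suffix
    base=${ver%%p*}                 # "1.9.17"
    plevel=${ver#"$base"}; plevel=${plevel#p}; plevel=${plevel:-0}
    major=${base%%.*}
    rest=${base#*.}
    minor=${rest%%.*}
    if [ "$rest" = "$minor" ]; then patch=0; else patch=${rest#*.}; fi
    printf '%d%03d%03d%03d\n' "$major" "$minor" "$patch" "$plevel"
}

# True when version $1 lies in the inclusive range [$2, $3].
in_range() {
    k=$(sudo_version_key "$1")
    [ "$k" -ge "$(sudo_version_key "$2")" ] && [ "$k" -le "$(sudo_version_key "$3")" ]
}

# Print the CVEs from the notice that a version is exposed to
# (empty output when it is outside every affected range).
sudo_affected_cves() {
    out=""
    if in_range "$1" 1.8.8 1.8.32 || in_range "$1" 1.9.0 1.9.17; then
        out="CVE-2025-32462"
    fi
    if in_range "$1" 1.9.14 1.9.17; then
        out="${out:+$out }CVE-2025-32463"
    fi
    printf '%s\n' "$out"
}

# Report on the sudo binary installed on this host. Assumes (not stated
# in the notice) that `sudo --version` starts with "Sudo version X.Y.Z".
check_installed_sudo() {
    installed=$(sudo --version 2>/dev/null | sed -n '1s/^Sudo version //p')
    [ -n "$installed" ] || { echo "sudo version not recognised"; return 0; }
    cves=$(sudo_affected_cves "$installed")
    if [ -n "$cves" ]; then
        echo "sudo $installed: affected by $cves; upgrade to >= 1.9.17p1"
    else
        echo "sudo $installed: outside the affected ranges"
    fi
}

if command -v sudo >/dev/null 2>&1; then check_installed_sudo; fi
```

Distribution packages may carry backported fixes without a version bump, so treat the result as a triage aid and confirm against your vendor's advisory.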

IV. Vulnerability Handling

These vulnerabilities have been fixed in the latest official version. If your sudo version falls within the affected ranges, upgrade it to a secure version.

https://www.sudo.ws/security/advisories/host_any/

https://www.sudo.ws/security/advisories/chroot_bug

Note: Before applying the fix, back up your files and test the upgrade thoroughly.