Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
https://www.suse.com/support/update/announcement/2025/suse-su-202502177-1/
https://www.suse.com/security/cve/CVE-2025-32463.html
https://www.openwall.com/lists/oss-security/2025/06/30/3
https://ubuntu.com/security/notices/USN-7604-1
https://security-tracker.debian.org/tracker/CVE-2025-32463
https://explore.alas.aws.amazon.com/CVE-2025-32463.html
https://thehackernews.com/2025/07/critical-sudo-vulnerabilities-let-local.html
https://www.infosecurity-magazine.com/news/linux-users-urged-to-patch/
https://www.sudo.ws/security/advisories/chroot_bug/
https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot
Published: 2025-06-30
Updated: 2025-07-22
Base Score: 6.8
Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C
Severity: Medium
Base Score: 7.8
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: High
EPSS: 0.00012
Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.
Vulnerability Being Monitored