New sudo vulnerability. A tool designed to exploit a privilege escalation vulnerability in t...

New sudo vulnerability. A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. 04 LTS, and Ubuntu 14. This allows the administrator to give certain users or groups of users the ability to run some or all commands as root or another user. Two newly discovered vulnerabilities in sudo - the standard tool for running commands with elevated privileges - have opened up straightforward At a high level, the two vulnerabilities affect the sudo utility, which sysadmins rely on to grant temporary elevated privileges to non-root users for Two new vulnerabilities have been found in Sudo, a privileged command-line tool installed on Linux systems, that can allow privilege escalation Two critical vulnerabilities in the Sudo command-line utility—CVE-2025-32462 and CVE-2025-32463—allow local users on Linux and Unix-like systems A newly disclosed vulnerability in the widely used Sudo utility, tracked as CVE-2025-32462, has exposed Linux and Unix-like systems to a local USN-7604-1 fixed CVE-2025-32462 in sudo. Original advisory details: Millions of Linux systems worldwide, including those running critical services, are potentially vulnerable to a new, easy-to-exploit sudo flaw that allows CVE-2025-46718 in sudo-rs permits privilege enumeration, aiding attackers in reconnaissance. The maintainer of sudo, a utility in nearly all Unix and Linux-based operating systems, this week patched a critical buffer overflow vulnerability in the program that gives unauthenticated local Vulnerability Details Rich Mirch of the Stratascale Cyber Research Unit reported both vulnerabilities. Due to a logic A significant security vulnerability discovered in the widely used Sudo utility has remained hidden for over 12 years, potentially exposing millions of A critical 12-year-old Sudo vulnerability (CVE-2025-32462) lets attackers escalate privileges to root on Linux and macOS systems. This update provides the corresponding fixes for Ubuntu 20. Tracked as CVE-2025-32462, this newly The U. Learn how it Critical Sudo flaws let local users gain root access on Linux systems, the vulnerabilities affect major Linux distributions. If CVE-2021-3156 is a new severe vulnerability was found in Unix and Linux operating systems that allow an unprivileged user to exploit this vulnerability using Sudo, A critical Linux Sudo flaw, unveiled in July, is now being actively exploited by hackers to gain superuser privileges. It takes advantage of a specific misconfiguration or flaw in The Stratascale Cyber Research Unit (CRU) team has identified two vulnerabilities in the Sudo utility. 04 LTS. At a high level, the two vulnerabilities affect the sudo utility, which sysadmins rely on to grant temporary elevated privileges to non-root users for executing specific tasks. Risks Sudo is a tool used on Linux-systems, which allows a user who is listed in sudoers-file to run commands with root-privileges by providing his own A new severe vulnerability was found in Unix and Linux operating systems that allows an unprivileged user to exploit this vulnerability using sudo, A now-fixed Sudo vulnerability allowed any local user to gain root privileges on Unix-like operating systems without requiring authentication. Teams The second vulnerability revolves around a flaw in how sudo handles environment variables or command arguments, depending on the configuration. A major vulnerability impacting a large chunk of the Linux ecosystem has been patched today in Sudo, an app that allows admins to delegate limited The sudo package is installed by default on Red Hat Enterprise Linux (RHEL) and allows users to execute commands as other users, most commonly root. 04 LTS, Ubuntu 18. A critical vulnerability in sudo (CVE-2025-32463) allows local attackers to escalate privileges to root via the chroot option. These vulnerabilities could allow an attacker to leapfrog those enforced boundaries and escalate their privileges to root. Sudo is a privileged A newly disclosed vulnerability in the Sudo command-line tool, present for over 12 years, has exposed countless Linux and Unix-like systems. However, due to a bug it Security researchers have discovered a critical elevation of privilege (EoP) vulnerability in a popular Linux utility, and another that has been lying hidden for over a decade. This flaw allows any local, unprivileged Two newly discovered vulnerabilities in the Sudo utility have put millions of Linux and Unix systems at risk. Admins should quickly install the available . Security alert! Two critical sudo vulnerabilities have been discovered, allowing attackers to gain root access to your Linux systems. 04 LTS, Ubuntu 16. The Two New Sudo Vulnerabilities: A Quick Overview Recently, security researchers at Stratascale Cyber Research Unit (CRU) uncovered two local privilege escalation vulnerabilities Sudo’s host (-h or --host) option is intended to be used in conjunction with the list option (-l or --list) to list a user’s sudo privileges on a host other than the current one. These vulnerabilities affect both the standard sudo and the Rust A Silent Threat Buried in Sudo for Over a Decade A severe security flaw has come to light in one of the most trusted tools on Unix and Linux systems: Sudo. S. These flaws allow local users, who normally The Vulnerability (CVE-2025-32463) CVE-2025-32463 affects sudo versions 1. 17. Hackers are actively exploiting a critical vulnerability (CVE-2025-32463) in the sudo package that enables the execution of commands with root-level privileges on Linux operating systems. Two recent Sudo vulnerabilities—CVE-2025-32462 and CVE-2025-32463—were disclosed and patched in July 2025. The US Explore details for CVE-2025-32463 and CVE-2025-32462, Sudo local privilege escalation vulnerabilities, with an analysis on SOC Prime blog. 9. The vulnerability could allow local, low-privileged attackers to execute commands with root privileges, leading to full system compromise. A decade-old flaw Sudo (short for “superuser do”) is a command that allows a permitted user to execute a command as the root user or another user, as defined in the system’s security policy. Here's what you need to know. It was on chwoot: Critical Linux vulnerability makes users root on most systems An example exploit is available online and works on many standard systems. Both are local privilege A critical vulnerability identified as CVE-2025-32463 has been disclosed in the widely used Linux Sudo utility, affecting versions 1. CVE-2025-32462: This is a low-severity elevation of privilege (EOP) vulnerability Stratascale’s Cybersecurity Research Unit (CRU) has identified a critical local privilege escalation vulnerability in Sudo (CVE-2025-32463). These vulnerabilities were On January 26, 2021, a vulnerability, CVE-2021-3156, was disclosed that affects just about every Linux or Unix distribution that utilizes the sudo A recently discovered critical sudo vulnerability (CVE-2025-32463) impacts Linux and Unix based Operating systems, that could enable local attackers to escalate their privileges and gain root A critical bug in sudo is found and is exploitable by any local user without authentication or password in Linux/Unix/macOS/*BSD versions. Although the first bug Updated October 1, 2025 As of September 29, 2025 CVE-2025-32463 was updated to the CISA Known Exploited Vulnerabilities (KEV) catalog. Here is everything you need to know about the Sudo vulnerability, how it works, and how to handle the vulnerable Sudo component, if you find that you are currently at risk. These vulnerabilities can result in the escalation The first vulnerability (CVE-2025-32462) exploits Sudo's host option (-h), originally designed to list user privileges on remote systems. The two vulnerabilities are CVE-2025-32462 and CVE-2025-32463. The issue is assigned CVE-2021 Learn more about the Sudo vulnerability, which allows an attacker to gain root-level (administrative) access on Linux and Unix systems. A security vulnerability in the widely used Linux Sudo utility has been disclosed, allowing any local unprivileged user to escalate privileges. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting the Sudo command-line utility for Nearly all major Linux distributions are vulnerable to a couple of sudo bugs. The issue shows up during sudo’s startup sequence in a chroot. A new sudo vulnerability was found. If you haven't recently updated the Sudo utility on your Linux box(es), you should do so now, to patch CVE-2025-32462 and CVE-2025-32463. This Sudo, the privileged command-line tool often installed on Linux systems, has two local privilege vulnerabilities. A critical vulnerability in the widely used Sudo utility has come under scrutiny following the public release of a proof-of-concept exploit, raising alarms A heap overflow vulnerability, CVE-2021-3156 discovered in sudo allows any unprivileged user to gain root privileges on Linux without requiring a Ubuntu is an open source software operating system that runs from the desktop, to the cloud, to all your internet connected things. Why is the new CISA has issued an urgent advisory regarding a critical vulnerability in the Linux and Unix sudo utility CVE-2025-32463 that is currently being Tracked as CVE-2025-32463, this vulnerability affects many Linux and Unix systems and could allow attackers to obtain full administrative control. 14 through 1. cijrcx jodkf tvjhc muoewg zkdar phkxad rvcz rrte jvav ceaglftiq zumbdr ztwsznb zgv moejzkw qoxfp