9.3
CRITICAL
CVE-2025-32463
Sudo Local Command Injection Vulnerability
Description

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

INFO

Published Date :

June 30, 2025, 9:15 p.m.

Last Modified :

July 22, 2025, 3:15 p.m.

Remotely Exploitable :

No

Impact Score :

6.0

Exploitability Score :

2.5
Public PoC/Exploit Available at Github

CVE-2025-32463 has a 72 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2025-32463 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Suse linux_enterprise_desktop
2 Suse linux_enterprise_real_time
3 Suse linux_enterprise_server_for_sap
1 Canonical ubuntu_linux
1 Redhat enterprise_linux
1 Debian debian_linux
1 Opensuse leap
1 Sudo_project sudo
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2025-32463.

URL Resource
https://access.redhat.com/security/cve/cve-2025-32463 Third Party Advisory
https://bugs.gentoo.org/show_bug.cgi?id=CVE-2025-32463 Issue Tracking Third Party Advisory
https://explore.alas.aws.amazon.com/CVE-2025-32463.html Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2025-32463 Third Party Advisory
https://ubuntu.com/security/notices/USN-7604-1 Third Party Advisory
https://www.openwall.com/lists/oss-security/2025/06/30/3 Third Party Advisory
https://www.secpod.com/blog/sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463/ Exploit Third Party Advisory
https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot Exploit Third Party Advisory
https://www.sudo.ws/releases/changelog/ Release Notes
https://www.sudo.ws/security/advisories/ Vendor Advisory
https://www.sudo.ws/security/advisories/chroot_bug/
https://www.suse.com/security/cve/CVE-2025-32463.html Third Party Advisory
https://www.suse.com/support/update/announcement/2025/suse-su-202502177-1/ Third Party Advisory
https://www.vicarius.io/vsociety/posts/cve-2025-32463-detect-sudo-vulnerability
https://www.vicarius.io/vsociety/posts/cve-2025-32463-mitigate-sudo-vulnerability
https://iototsecnews.jp/2025/07/01/linux-sudo-chroot-vulnerability-enables-hackers-to-elevate-privileges-to-root/

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

CVE-2025-32463

Shell

Updated: 22 hours, 27 minutes ago
0 stars 0 fork 0 watcher
Born at : July 22, 2025, 6:26 a.m. This repo has been linked 1 different CVEs too.

A deep dive into two critical Sudo vulnerabilities (CVE‑2025‑32463 & CVE‑2025‑32462) that enable local privilege escalation across major Linux distributions.

cve cybersecurity linux privilege-escalation sudo

Updated: 13 hours, 13 minutes ago
2 stars 0 fork 0 watcher
Born at : July 21, 2025, 3:39 p.m. This repo has been linked 2 different CVEs too.

None

Makefile C++ Shell

Updated: 22 hours, 59 minutes ago
1 stars 1 fork 1 watcher
Born at : July 20, 2025, 11:37 p.m. This repo has been linked 2 different CVEs too.

None

Python

Updated: 2 days, 13 hours ago
0 stars 0 fork 0 watcher
Born at : July 20, 2025, 3:16 p.m. This repo has been linked 1 different CVEs too.

Exploit para explotar la vulnerabilidad CVE-2025-32463

Shell

Updated: 3 days, 18 hours ago
0 stars 0 fork 0 watcher
Born at : July 18, 2025, 10:39 a.m. This repo has been linked 2 different CVEs too.

Local Privilege Escalation to Root via Sudo chroot in Linux

Shell

Updated: 4 days, 16 hours ago
0 stars 0 fork 0 watcher
Born at : July 18, 2025, 9:03 a.m. This repo has been linked 2 different CVEs too.

This is the exploit for the CVE-2025-32463

Shell

Updated: 5 days, 22 hours ago
0 stars 0 fork 0 watcher
Born at : July 17, 2025, 5:57 a.m. This repo has been linked 1 different CVEs too.

Privilege escalation to root via sudo without gcc. Exploit works on vulnerable sudo versions. Clone the repo and run the script. 🐙💻

chroot cve-2025-32463 docker docker-image escalate-privilages exploit lpe privelage-escalation privesc privilege-escalation privilege-escalation-exploits proof-of-concept proof-of-work root scanner sudo-privilege-escalation ubuntu vulnerability

Python Shell

Updated: 6 days, 9 hours ago
0 stars 0 fork 0 watcher
Born at : July 16, 2025, 7:33 p.m. This repo has been linked 1 different CVEs too.

None

Updated: 6 days, 11 hours ago
0 stars 0 fork 0 watcher
Born at : July 16, 2025, 4:55 p.m. This repo has been linked 1 different CVEs too.

None

Updated: 20 hours, 49 minutes ago
0 stars 0 fork 0 watcher
Born at : July 16, 2025, 12:40 p.m. This repo has been linked 2 different CVEs too.

None

Dockerfile Rust

Updated: 6 days, 17 hours ago
0 stars 0 fork 0 watcher
Born at : July 16, 2025, 11:21 a.m. This repo has been linked 1 different CVEs too.

CVE-2025-32463 漏洞概念验证

Shell

Updated: 1 week ago
1 stars 0 fork 0 watcher
Born at : July 15, 2025, 7:13 a.m. This repo has been linked 1 different CVEs too.

Educational Docker lab to simulate privilege escalation via CVE-2025-32463

Shell

Updated: 1 week ago
0 stars 0 fork 0 watcher
Born at : July 14, 2025, 11:16 p.m. This repo has been linked 1 different CVEs too.

Privilege escalation to root using sudo chroot, NO NEED for gcc installed.

chroot cve-2025-32463 exploit linux poc privesc privilege-escalation root sudo ubuntu vulnerability

Python Shell

Updated: 2 days, 15 hours ago
3 stars 0 fork 0 watcher
Born at : July 14, 2025, 11:07 p.m. This repo has been linked 1 different CVEs too.

Rust PoC for CVE-2025-32463 (sudo chroot "chwoot" Local PrivEsc)

exploit linux poc privilege-escalation sudo vulnerability chroot cybersecurity chwoot

Makefile C Rust

Updated: 1 week, 4 days ago
0 stars 0 fork 0 watcher
Born at : July 11, 2025, 3:51 p.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2025-32463 vulnerability anywhere in the article.

  • Help Net Security
Week in review: Sudo local privilege escalation flaws fixed, Google patches actively exploited Chrome

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463) If you haven’t ... Read more

Published Date: Jul 06, 2025 (2 weeks, 2 days ago)
  • The Hacker News
Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros

Cybersecurity researchers have disclosed two security flaws in the Sudo command-line utility for Linux and Unix-like operating systems that could enable local attackers to escalate their privileges to ... Read more

Published Date: Jul 04, 2025 (2 weeks, 4 days ago)
  • Help Net Security
Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)

If you haven’t recently updated the Sudo utility on your Linux box(es), you should do so now, to patch two local privilege escalation vulnerabilities (CVE-2025-32462, CVE-2025-32463) that have been di ... Read more

Published Date: Jul 01, 2025 (3 weeks ago)
  • Cyber Security News
Linux Sudo chroot Vulnerability Enables Hackers to Elevate Privileges to Root

A critical security vulnerability in the widely used Linux Sudo utility has been disclosed, allowing any local unprivileged user to escalate privileges to root access. Summary1. CVE-2025-32463 affects ... Read more

Published Date: Jul 01, 2025 (3 weeks ago)
  • Daily CyberSecurity
JetBrains YouTrack Price Hike: New Plans & Features Arrive October 1, 2025

JetBrains’ project management and issue tracking software, YouTrack, will undergo a price adjustment on October 1, 2025. According to JetBrains, the price increase is due to the existing pricing model ... Read more

Published Date: Jul 01, 2025 (3 weeks, 1 day ago)
  • Daily CyberSecurity
Critical Sudo Flaw (CVE-2025-32463, CVSS 9.3): Root Privilege Escalation & Host Bypass, PoC Available

In the world of Linux privilege management, Sudo reigns supreme. It’s the gatekeeper, the doorman, the bouncer of root-level access. But what happens when the bouncer hands over the keys to anyone who ... Read more

Published Date: Jul 01, 2025 (3 weeks, 1 day ago)

The following table lists the changes that have been made to the CVE-2025-32463 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    Jul. 22, 2025

    Action Type Old Value New Value
    Added Reference https://www.vicarius.io/vsociety/posts/cve-2025-32463-detect-sudo-vulnerability
    Added Reference https://www.vicarius.io/vsociety/posts/cve-2025-32463-mitigate-sudo-vulnerability
  • CVE Modified by [email protected]

    Jul. 19, 2025

    Action Type Old Value New Value
    Added Reference https://www.sudo.ws/security/advisories/chroot_bug/
  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Jul. 18, 2025

    Action Type Old Value New Value
    Added Reference https://iototsecnews.jp/2025/07/01/linux-sudo-chroot-vulnerability-enables-hackers-to-elevate-privileges-to-root/
  • Initial Analysis by [email protected]

    Jul. 17, 2025

    Action Type Old Value New Value
    Added CVSS V3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    Added CPE Configuration OR *cpe:2.3:a:sudo_project:sudo:1.9.17:-:*:*:*:*:*:* *cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:* versions from (including) 1.9.14 up to (excluding) 1.9.17
    Added CPE Configuration OR *cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* *cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp2:*:*:*:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:* *cpe:2.3:o:debian:debian_linux:13.0:*:*:*:*:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:lts:*:*:* *cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:* *cpe:2.3:o:opensuse:leap:15.6:*:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_desktop:15:sp7:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_desktop:15:sp6:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp6:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_real_time:15.0:sp7:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_server_for_sap:12:sp6:*:*:*:*:*:* *cpe:2.3:o:suse:linux_enterprise_server_for_sap:12:sp7:*:*:*:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:25.04:*:*:*:-:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:24.10:*:*:*:-:*:*:*
    Added Reference Type MITRE: https://access.redhat.com/security/cve/cve-2025-32463 Types: Third Party Advisory
    Added Reference Type MITRE: https://bugs.gentoo.org/show_bug.cgi?id=CVE-2025-32463 Types: Issue Tracking, Third Party Advisory
    Added Reference Type MITRE: https://explore.alas.aws.amazon.com/CVE-2025-32463.html Types: Third Party Advisory
    Added Reference Type MITRE: https://security-tracker.debian.org/tracker/CVE-2025-32463 Types: Third Party Advisory
    Added Reference Type MITRE: https://ubuntu.com/security/notices/USN-7604-1 Types: Third Party Advisory
    Added Reference Type MITRE: https://www.openwall.com/lists/oss-security/2025/06/30/3 Types: Third Party Advisory
    Added Reference Type MITRE: https://www.secpod.com/blog/sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463/ Types: Exploit, Third Party Advisory
    Added Reference Type MITRE: https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot Types: Exploit, Third Party Advisory
    Added Reference Type MITRE: https://www.sudo.ws/releases/changelog/ Types: Release Notes
    Added Reference Type MITRE: https://www.sudo.ws/security/advisories/ Types: Vendor Advisory
    Added Reference Type MITRE: https://www.suse.com/security/cve/CVE-2025-32463.html Types: Third Party Advisory
    Added Reference Type MITRE: https://www.suse.com/support/update/announcement/2025/suse-su-202502177-1/ Types: Third Party Advisory
  • CVE Modified by [email protected]

    Jul. 09, 2025

    Action Type Old Value New Value
    Added Reference https://www.secpod.com/blog/sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463/
  • CVE Modified by [email protected]

    Jul. 01, 2025

    Action Type Old Value New Value
    Added Reference https://access.redhat.com/security/cve/cve-2025-32463
    Added Reference https://bugs.gentoo.org/show_bug.cgi?id=CVE-2025-32463
    Added Reference https://explore.alas.aws.amazon.com/CVE-2025-32463.html
    Added Reference https://security-tracker.debian.org/tracker/CVE-2025-32463
    Added Reference https://ubuntu.com/security/notices/USN-7604-1
    Added Reference https://www.suse.com/security/cve/CVE-2025-32463.html
    Added Reference https://www.suse.com/support/update/announcement/2025/suse-su-202502177-1/
  • New CVE Received by [email protected]

    Jun. 30, 2025

    Action Type Old Value New Value
    Added Description Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
    Added CVSS V3.1 AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
    Added CWE CWE-829
    Added Reference https://www.openwall.com/lists/oss-security/2025/06/30/3
    Added Reference https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot
    Added Reference https://www.sudo.ws/releases/changelog/
    Added Reference https://www.sudo.ws/security/advisories/
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CVSS31 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
© cvefeed.io
Latest DB Update: Jul. 23, 2025 4:55