Sudo Vulnerabilities Fixed: Update Now to Secure Your Linux System
Two local privilege escalation vulnerabilities (CVE-2025-32462, CVE-2025-32463) in the Sudo utility have been patched. Make sure to update Sudo on your Linux system to protect against potential exploits. Learn more about the vulnerabilities and how to secure your system.

If you haven’t recently updated the Sudo utility on your Linux box(es), you should do so now to patch two local privilege escalation vulnerabilities (CVE-2025-32462, CVE-2025-32463) that were disclosed on Monday.
What is Sudo?
Sudo is a command-line utility in Unix-like operating systems that allows a low-privilege user to execute a command as another user, typically the root/administrator user. The utility effectively grants temporary elevated privileges without requiring the user to log in as root. The user needs to authenticate with their password and, if the configuration file (typically /etc/sudoers) permits it, the system will execute the requested command.
The vulnerabilities (CVE-2025-32462, CVE-2025-32463)
Both vulnerabilities were reported by Rich Mirch of the Stratascale Cyber Research Unit. CVE-2025-32462, a low-severity elevation of privilege (EOP) vulnerability in the Sudo host option, has been present in Sudo’s code for over 12 years. CVE-2025-32463 is a critical-severity flaw in the Sudo chroot option that could be exploited by local users to achieve root access on the underlying system.
What to do?
Stratascale CTU has verified that the vulnerabilities can be exploited on popular Linux distros such as Ubuntu and Fedora, and on macOS Sequoia (macOS is a Unix-based operating system). Both CVE-2025-32462 and CVE-2025-32463 have been fixed in version 1.9.17p1, released in early June 2025. Since Sudo is installed by default on many popular Linux desktop distributions, you should check if the one you’re using has offered updated Sudo packages with the fix – Ubuntu, Debian, and SUSE already have.
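A quick way to compare an installed Sudo against the fixed release 1.9.17p1, shown as an added example that is not from the Sudo project or the original article. The function names and result labels are assumptions chosen here, and the sample `sudo -V` lines are constructed.

```shell
FIXED_VERSION="1.9.17p1"   # fixed release named in the article

# Split "1.9.17p1" into "1 9 17 1"; a missing pN patch level counts as 0.
split_version() {
    v=$1
    case $v in
        *p*) plevel=${v##*p}; base=${v%p*} ;;
        *)   plevel=0; base=$v ;;
    esac
    case $base in ''|.*|*.|*..*|*[!0-9.]*) return 1 ;; esac
    case $plevel in ''|*[!0-9]*) return 1 ;; esac
    set -- $(printf '%s' "$base" | tr . ' ')
    echo "${1:-0} ${2:-0} ${3:-0} $plevel"
}

# Return 0 if $1 >= $2, 1 if $1 < $2, 2 if either string cannot be parsed.
version_at_least() {
    a=$(split_version "$1") || return 2
    b=$(split_version "$2") || return 2
    set -- $a $b   # $1-$4: candidate fields, $5-$8: reference fields
    for pair in "$1 $5" "$2 $6" "$3 $7" "$4 $8"; do
        set -- $pair
        if [ "$1" -gt "$2" ]; then return 0; fi
        if [ "$1" -lt "$2" ]; then return 1; fi
    done
    return 0
}

# Read `sudo -V` output on stdin and print the version from its first line.
parse_sudo_version() {
    sed -n '1s/^Sudo version \([^ ]*\).*$/\1/p'
}

# Classify a version string (hypothetical labels chosen for this example).
check_sudo() {
    rc=0
    version_at_least "$1" "$FIXED_VERSION" || rc=$?
    case $rc in
        0) echo "at-or-above-fixed-release" ;;
        1) echo "older-check-distro-advisory" ;;
        *) echo "unparsed" ;;
    esac
}

# Constructed sample lines; on a real host run: sudo -V | parse_sudo_version
for line in "Sudo version 1.9.15p5" "Sudo version 1.9.17" "Sudo version 1.9.17p1"; do
    ver=$(printf '%s\n' "$line" | parse_sudo_version)
    echo "$ver: $(check_sudo "$ver")"
done
```

Distribution packages often carry the fix as a backport under an older upstream version string, so an "older" result means the distribution's security advisory for the installed package decides, not the version number alone.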






