Linux Sudo chroot Vulnerability Enables Hackers to Elevate Privileges to Root

The vulnerability, tracked as CVE-2025-32463, affects Sudo versions 1.9.14 through 1.9.17 and enables privilege escalation to root. It is present in the default Sudo configuration, so default installations of Ubuntu, Fedora, and other major Linux distributions are affected, making it a widespread threat requiring immediate attention.

The vulnerability is particularly dangerous because it doesn't require any Sudo rules to be defined for the attacking user, meaning even users with no administrative privileges can exploit it.

In this Sudo chroot vulnerability, the security breach occurs when Name Service Switch (NSS) operations are triggered, causing the system to load the /etc/nsswitch.conf configuration from the untrusted environment. Attackers can specify custom NSS sources that translate to shared object libraries (e.g., libnss_/woot1337.so.2), which Sudo then loads with root privileges. The exploit code shows how a simple gcc -shared -fPIC command can compile the malicious library that gets loaded during Sudo's NSS operations.
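For triage, the affected range quoted above can be checked against the version a host reports. The script below is an added example, not code from the article or from the Sudo project; the function names and result labels are hypothetical. Because the article gives the range without patch levels, a 1.9.17 build carrying a "pN" suffix is reported as "unclear" rather than guessed, and distribution packages that backport fixes still need to be confirmed against the vendor advisory.

```shell
#!/bin/sh
# Added example: classify a sudo version string against the affected range
# quoted in the article (1.9.14 through 1.9.17). Names are hypothetical.

# classify_sudo_version VERSION
# Prints one of: affected | unclear | outside | unparsed
classify_sudo_version() {
    ver=$1
    # Accept only X.Y.Z with an optional patch suffix such as "p5".
    printf '%s\n' "$ver" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+(p[0-9]+)?$' \
        || { echo unparsed; return 0; }

    base=${ver%%p*}        # "1.9.15p5" -> "1.9.15"
    suffix=${ver#"$base"}  # "1.9.15p5" -> "p5" (empty if no suffix)

    old_ifs=$IFS; IFS=.
    set -- $base           # split into major, minor, patch
    IFS=$old_ifs
    major=$1 minor=$2 patch=$3

    # Anything other than 1.9.14 .. 1.9.17 is outside the stated range.
    if [ "$major" -ne 1 ] || [ "$minor" -ne 9 ]; then echo outside; return 0; fi
    if [ "$patch" -lt 14 ] || [ "$patch" -gt 17 ]; then echo outside; return 0; fi

    # The article's upper bound is "1.9.17" with no patch level, so a
    # 1.9.17pN build cannot be classified from the article alone.
    if [ "$patch" -eq 17 ] && [ -n "$suffix" ]; then echo unclear; return 0; fi

    echo affected
}

# installed_sudo_version: prints the version from the first line of
# `sudo -V`, which reads "Sudo version X.Y.ZpN".
installed_sudo_version() {
    sudo -V 2>/dev/null | sed -n '1s/^Sudo version //p'
}

# Report on the local host only when sudo is installed.
if command -v sudo >/dev/null 2>&1; then
    v=$(installed_sudo_version)
    echo "sudo ${v:-unknown}: $(classify_sudo_version "$v")"
fi
```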

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 01 Jul 2025 06:25:44 +0000

