Unrated severityNVD Advisory· Published Jun 30, 2025· Updated Nov 3, 2025
CVE-2025-32462
CVE-2025-32462
Description
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
39- Range: <1.9.17p1
- osv-coords37 versionspkg:apk/chainguard/sudopkg:apk/chainguard/sudo-devpkg:apk/chainguard/sudo-docpkg:apk/chainguard/sudo-doc-extrapkg:apk/wolfi/sudopkg:apk/wolfi/sudo-devpkg:apk/wolfi/sudo-docpkg:apk/wolfi/sudo-doc-extrapkg:rpm/almalinux/sudopkg:rpm/almalinux/sudo-python-pluginpkg:rpm/opensuse/sudo&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/sudo&distro=openSUSE%20Tumbleweedpkg:rpm/suse/sudo&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6pkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7pkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSSpkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5pkg:rpm/suse/sudo&distro=SUSE%20Linux%20Micro%206.0pkg:rpm/suse/sudo&distro=SUSE%20Linux%20Micro%206.1pkg:rpm/suse/sudo&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/sudo&distro=SUSE%20Manager%20Server%204.3
< 1.9.17-r0+ 36 more
- (no CPE)range: < 1.9.17-r0
- (no CPE)range: < 1.9.17-r0
- (no CPE)range: < 1.9.17-r0
- (no CPE)range: < 1.9.17-r0
- (no CPE)range: < 1.9.17-r0
- (no CPE)range: < 1.9.17-r0
- (no CPE)range: < 1.9.17-r0
- (no CPE)range: < 1.9.17-r0
- (no CPE)range: < 1.9.5p2-1.el8_10.1
- (no CPE)range: < 1.9.15-8.p5.el10_0.2
- (no CPE)range: < 1.9.15p5-150600.3.9.1
- (no CPE)range: < 1.9.17p1-1.1
- (no CPE)range: < 1.9.5p2-150300.3.36.1
- (no CPE)range: < 1.9.5p2-150300.3.36.1
- (no CPE)range: < 1.9.9-150400.4.39.1
- (no CPE)range: < 1.9.9-150400.4.39.1
- (no CPE)range: < 1.9.12p1-150500.7.13.1
- (no CPE)range: < 1.9.12p1-150500.7.13.1
- (no CPE)range: < 1.9.5p2-150300.3.36.1
- (no CPE)range: < 1.9.5p2-150300.3.36.1
- (no CPE)range: < 1.9.9-150400.4.39.1
- (no CPE)range: < 1.9.9-150400.4.39.1
- (no CPE)range: < 1.9.12p1-150500.7.13.1
- (no CPE)range: < 1.9.15p5-150600.3.9.1
- (no CPE)range: < 1.9.15p5-150600.3.9.1
- (no CPE)range: < 1.8.27-4.54.1
- (no CPE)range: < 1.9.5p2-150300.3.36.1
- (no CPE)range: < 1.9.9-150400.4.39.1
- (no CPE)range: < 1.9.12p1-150500.7.13.1
- (no CPE)range: < 1.9.5p2-150300.3.36.1
- (no CPE)range: < 1.9.9-150400.4.39.1
- (no CPE)range: < 1.9.12p1-150500.7.13.1
- (no CPE)range: < 1.8.27-4.54.1
- (no CPE)range: < 1.9.15p5-2.1
- (no CPE)range: < 1.9.15p5-slfo.1.1_2.1
- (no CPE)range: < 1.9.9-150400.4.39.1
- (no CPE)range: < 1.9.9-150400.4.39.1
- Range: 1.8.8
Patches
Vulnerability mechanics
References
13- access.redhat.com/security/cve/cve-2025-32462mitre
- bugs.gentoo.org/show_bug.cgimitre
- explore.alas.aws.amazon.com/CVE-2025-32462.htmlmitre
- lists.debian.org/debian-security-announce/2025/msg00118.htmlmitre
- security-tracker.debian.org/tracker/CVE-2025-32462mitre
- ubuntu.com/security/notices/USN-7604-1mitre
- www.openwall.com/lists/oss-security/2025/06/30/2mitre
- www.secpod.com/blog/sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463/mitre
- www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-hostmitre
- www.sudo.ws/releases/changelog/mitre
- www.sudo.ws/security/advisories/mitre
- www.sudo.ws/security/advisories/host_any/mitre
- www.suse.com/security/cve/CVE-2025-32462.htmlmitre
News mentions
0No linked articles in our index yet.