Unrated severityCISA KEVNVD Advisory· Published Jun 30, 2025· Updated Feb 26, 2026

CVE-2025-32463

Description

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

Affected products

Sudo project/Sudov5
Range: 1.9.14

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/security/cve/cve-2025-32463mitre
bugs.gentoo.org/show_bug.cgimitre
explore.alas.aws.amazon.com/CVE-2025-32463.htmlmitre
security-tracker.debian.org/tracker/CVE-2025-32463mitre
ubuntu.com/security/notices/USN-7604-1mitre
www.openwall.com/lists/oss-security/2025/06/30/3mitre
www.secpod.com/blog/sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463/mitre
www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chrootmitre
www.sudo.ws/releases/changelog/mitre
www.sudo.ws/security/advisories/mitre
www.sudo.ws/security/advisories/chroot_bug/mitre
www.suse.com/security/cve/CVE-2025-32463.htmlmitre
www.suse.com/support/update/announcement/2025/suse-su-202502177-1/mitre
www.vicarius.io/vsociety/posts/cve-2025-32463-detect-sudo-vulnerabilitymitre
www.vicarius.io/vsociety/posts/cve-2025-32463-mitigate-sudo-vulnerabilitymitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.046
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.000