Several major Linux distros hit by serious Sudo security flaws

22 hours ago 3
The Linux penguin.
Image Credit: Pixabay (Image credit: Image Credit: Pixabay)

  • Two flaws were first introduced in late 2013
  • They reside in the Sudo command-line utility
  • Patches are available and users are advised to apply them

Two vulnerabilities were recently spotted in various Linux distributions which, when chained together, allow local attackers to escalate their privileges and thus run arbitrary files.

The vulnerabilities are tracked as CVE-2025-32462 (severity score 2.8/10 - low severity), and CVE-2025-32463 (severity score 9.3/10 critical), and were found in the Sudo command-line utility for Linux and other Unix-like operating systems.

All versions before 1.9.17p1 were said to be vulnerable, with Rich Mirch, the Stratascale researcher who found the flaws, saying they were lingering for more than a decade before being discovered. They were first introduced in late 2013, he added.

A decade-old flaw

Sudo (short for “superuser do”) is a command that allows a permitted user to execute a command as the root user or another user, as defined in the system’s security policy. It provides controlled administrative access without requiring users to log in as the root account.

For example, a user might run a sudo command that installs Firefox on Ubuntu, since installing software system-wide usually requires administrative privileges.

"This primarily affects sites that use a common sudoers file that is distributed to multiple machines," Todd C. Miller, a maintainer for the Sudo project, said in an advisory. "Sites that use LDAP-based sudoers (including SSSD) are similarly impacted."

The patch for Sudo was released in late June 2024, after responsible disclosure which happened in early April.

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Furthermore, different Linux distributions also released advisories, fixing the flaw for their variant of the OS. For CVE-2025-32462, these include AlmaLinux 8, AlmaLinux 9, Alpine Linux, Amazon Linux, Debian, Gentoo, Oracle Linux, Red Hat, SUSE, and Ubuntu, while for CVE-2025-32463, they include Alpine Linux, Amazon Linux, Debian, Gentoo, Red Hat, SUSE, and Ubuntu.

Linux users are advised to apply the available patches and make sure their Linux desktop distributions are generally updated.

Via The Hacker News

You might also like

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read Entire Article