
Two Critical Sudo Privilege Escalation Flaws Patched

Your Linux System Was Exposed!

Yesterday, while I was putting the final touches on LTM Monthly Newsletter 25.01, specifically its Cyberwatch section, and was almost ready to hit the send (and publish) button, I got the news of two very serious vulnerabilities hitting the sudo utility you use frequently—if not daily—on your terminal: CVE‑2025‑32462 and CVE‑2025‑32463.

This should raise two questions in your mind: What do these two sudo flaws offer attackers? And what should you do to protect your Linux system?

While I already highlighted the answers in the last LTM newsletter issue, I believe such an important event deserves a dedicated post. So without further ado, let’s dive in.

⚠️ Root Was at Risk: Sudo Privilege Escalation Flaws

The CVE‑2025‑32462 and CVE‑2025‑32463 vulnerabilities—let’s call them sudo local privilege escalation (LPE) flaws—allow any local unprivileged user (someone without administrative permissions and not in the sudoers group) to run code as root. This provides a golden (or even platinum) opportunity for attackers (or hackers, if you prefer) to gain full control of your system. All they need is local access, which they can achieve through SSH, malware (yes, Linux has malware—not as much as Windows, but it exists), or a malicious account.

If your brain hasn’t registered the danger yet, let me be clear: these flaws can be exploited by hackers to gain full control of your system. This is extremely dangerous, and I hope it motivates you to take the appropriate actions listed below.


🛡️ What You Should Do to Protect Your System

When flaws with such high severity are discovered, they usually get patched quickly—often the same day—by most Linux distributions. I can confirm that both vulnerabilities are patched in the latest version of sudo (1.9.17p1, released on June 30, 2025) and are already patched on Ubuntu, Debian, openSUSE, and Arch. Surprisingly, they are not yet patched on Fedora (as of writing, the patch is planned for July 3, 2025, but I don’t know the reason for the delay).

Therefore, keeping your system updated is not optional; it’s a fundamental practice.

I know your brain now sees the danger, but remember: there are always flaws out there that attackers know about and might already be using in their malicious activities—long before they’re discovered or patched. It’s a reality we need to live with unless we plan to ditch the internet (not impossible, and maybe life would be better without it, who knows?). But for now, come back, open your terminal, and take action:

🚨 Urgently Update All Your Systems

  • For Arch:
    sudo pacman -Syu
  • For Fedora:
    sudo dnf update
  • For openSUSE:
    sudo zypper up
  • For Ubuntu:
    sudo apt update && sudo apt upgrade

🚨 Audit Recent sudo Usage for Suspicious Activity

sudo journalctl _COMM=sudo

🚨 Restrict sudo Access for Untrusted Users

Check who has sudo access:

  • On Debian/Ubuntu:
    sudo getent group sudo
  • On Fedora/Arch:
    sudo getent group wheel

If you find someone who shouldn’t be there, remove them:

  • On Debian/Ubuntu:
    sudo deluser username sudo
  • On Fedora/Arch:
    sudo gpasswd -d username wheel

Limit sudo privileges to trusted accounts only until all systems are patched (we’re still waiting for Fedora). This will help you stay safe from these vulnerabilities. Remember: reducing risk, even a little, is better than ignoring it and regretting it later.
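To make the audit and access-review steps above repeatable, here is an added example (not part of the original post) that filters `journalctl _COMM=sudo` output and `getent group` output against a list of accounts you expect to hold sudo rights. The function names, the expected-user list and the sample lines are assumptions made for illustration, and the parsing assumes sudo's default log line layout; it is a general triage, not a signature for either CVE.

```shell
#!/bin/sh
# Added example: triage sudo journal lines and admin-group membership against
# the accounts expected to hold sudo rights. All sample data is constructed.

# flag_sudo_events "user1 user2 ..."  < output of: sudo journalctl _COMM=sudo
# Prints "DENIED|UNEXPECTED user command" for events worth a second look.
flag_sudo_events() {
  awk -v allowed="$1" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    # Event lines: "<time> <host> sudo[PID]:   USER : field ; ... ; COMMAND=..."
    match($0, /sudo(\[[0-9]+\])?: +[^ ]+ : /) {
      line = substr($0, RSTART); sub(/^[^ ]+ +/, "", line)  # drop "sudo[PID]:"
      user = line; sub(/ : .*/, "", user)
      cmd = "-"; if (match(line, /COMMAND=.*/)) cmd = substr(line, RSTART + 8)
      if (line ~ /NOT in sudoers|command not allowed|incorrect password attempt/)
        print "DENIED", user, cmd
      else if (!(user in ok) && line ~ /COMMAND=/)
        print "UNEXPECTED", user, cmd
    }'
}

# unexpected_group_members "user1 user2 ..."  < output of: getent group sudo
# Prints "group member" for every member missing from the expected list.
unexpected_group_members() {
  awk -F: -v allowed="$1" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    { m = split($4, u, ",")
      for (i = 1; i <= m; i++) if (u[i] != "" && !(u[i] in ok)) print $1, u[i] }'
}

# Constructed sample input (not real logs); "alice" is the only expected admin.
SAMPLE_JOURNAL='Jul 01 09:12:01 web01 sudo[2101]:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/apt update
Jul 01 09:12:01 web01 sudo[2101]: pam_unix(sudo:session): session opened for user root(uid=0) by alice(uid=1000)
Jul 01 09:40:17 web01 sudo[2207]:      bob : user NOT in sudoers ; TTY=pts/1 ; PWD=/tmp ; USER=root ; COMMAND=/usr/bin/id
Jul 01 10:02:44 web01 sudo[2315]: svcbackup : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/bin/sh'
SAMPLE_GROUP='sudo:x:27:alice,intern1'

printf '%s\n' "$SAMPLE_JOURNAL" | flag_sudo_events "alice"
printf '%s\n' "$SAMPLE_GROUP" | unexpected_group_members "alice"
```

On a live system, pipe the real commands in instead of the samples, for example `sudo journalctl _COMM=sudo | flag_sudo_events "alice"` and `getent group wheel | unexpected_group_members "alice"`.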

💬 Do you know of any other unpatched flaws? How frequently do you update your system?
