来源

关联漏洞

描述

Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros

介绍

# CVE-2025-32462-32463-Detection-Script-
Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros

A brief description of the vulnerabilities is below -

    CVE-2025-32462 (CVSS score: 2.8) - Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines
    CVE-2025-32463 (CVSS score: 9.3) - Sudo before 1.9.17p1 allows local users to obtain root access because "/etc/nsswitch.conf" from a user-controlled directory is used with the --chroot option

Instructions to Use the Script

    Save the Script: Copy the script above into a file named check_cve_2025_32462.sh.

    Make the Script Executable: Run the following command to make the script executable:

bash

chmod +x check_cve_2025_32462.sh

Run the Script: Execute the script with:

bash

    ./check_cve_2025_32462.sh

Notes

    This script checks the installed version of sudo and compares it against known vulnerable versions. It also checks for the misuse of the -h option.
    Ensure you have the necessary permissions to run sudo commands.
    If a vulnerable version is detected, it is recommended to update sudo to version 1.9.17p1 or later to mitigate the vulnerability.

Additional Recommendations

    Regularly review and update your system packages.
    Monitor your sudoers file for any unusual configurations that may exploit this vulnerability.

文件快照

 [4.0K]  /data/pocs/64ecd9a27691431f56c1e7ef8478640076f99d33
├── [1.0K]  check_cve_2025_32462.sh
├── [1.0K]  check_cve_2025_32463.sh
└── [1.4K]  README.md

0 directories, 3 files

备注