Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros# CVE-2025-32462-32463-Detection-Script-
Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros
A brief description of the vulnerabilities is below -
CVE-2025-32462 (CVSS score: 2.8) - Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines
CVE-2025-32463 (CVSS score: 9.3) - Sudo before 1.9.17p1 allows local users to obtain root access because "/etc/nsswitch.conf" from a user-controlled directory is used with the --chroot option
Instructions to Use the Script
Save the Script: Copy the script above into a file named check_cve_2025_32462.sh.
Make the Script Executable: Run the following command to make the script executable:
bash
chmod +x check_cve_2025_32462.sh
Run the Script: Execute the script with:
bash
./check_cve_2025_32462.sh
Notes
This script checks the installed version of sudo and compares it against known vulnerable versions. It also checks for the misuse of the -h option.
Ensure you have the necessary permissions to run sudo commands.
If a vulnerable version is detected, it is recommended to update sudo to version 1.9.17p1 or later to mitigate the vulnerability.
Additional Recommendations
Regularly review and update your system packages.
Monitor your sudoers file for any unusual configurations that may exploit this vulnerability.
[4.0K] /data/pocs/64ecd9a27691431f56c1e7ef8478640076f99d33
├── [1.0K] check_cve_2025_32462.sh
├── [1.0K] check_cve_2025_32463.sh
└── [1.4K] README.md
0 directories, 3 files