CVE-2025-32462

Name: CVE-2025-32462
Description: Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
NVD Severity: low

References

Type URI
cve@mitre.org https://www.openwall.com/lists/oss-security/2025/06/30/2
cve@mitre.org https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host
cve@mitre.org https://www.sudo.ws/releases/changelog/
cve@mitre.org https://www.sudo.ws/security/advisories/
cve@mitre.org https://www.secpod.com/blog/sudo-lpe-vulnerabilities-resolved-what-you-need-to-know-about-cve-2025-32462-and-cve-2025-32463/
cve@mitre.org https://www.sudo.ws/security/advisories/host_any/
cve@mitre.org https://access.redhat.com/security/cve/cve-2025-32462
cve@mitre.org https://bugs.gentoo.org/show_bug.cgi?id=CVE-2025-32462
cve@mitre.org https://explore.alas.aws.amazon.com/CVE-2025-32462.html
cve@mitre.org https://lists.debian.org/debian-security-announce/2025/msg00118.html
cve@mitre.org https://security-tracker.debian.org/tracker/CVE-2025-32462
cve@mitre.org https://ubuntu.com/security/notices/USN-7604-1
cve@mitre.org https://www.suse.com/security/cve/CVE-2025-32462.html
af854a3a-2127-422b-91ae-364da2661108 https://lists.debian.org/debian-lts-announce/2025/06/msg00033.html

Match rules

| CPE URI | Source package | Min version | Max version |
| --- | --- | --- | --- |
| | sudo | >= 1.8.8 | < 1.9.17p1 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
| --- | --- | --- | --- | --- |
| sudo | edge-main | 1.9.5p2-r0 | None | possibly vulnerable |
| sudo | edge-main | 1.9.5-r0 | None | possibly vulnerable |
| sudo | edge-main | 1.8.31-r0 | None | possibly vulnerable |
| sudo | edge-main | 1.8.28-r0 | None | possibly vulnerable |
| sudo | edge-main | 1.8.20_p2-r0 | None | possibly vulnerable |
| sudo | edge-community | 1.9.17_p2-r0 | Celeste <cielesti@protonmail.com> | fixed |
| sudo | edge-community | 1.9.17_p1-r0 | Celeste <cielesti@protonmail.com> | fixed |
| sudo | edge-community | 1.9.5p2-r0 | None | possibly vulnerable |
| sudo | edge-community | 1.9.5_p2-r0 | None | possibly vulnerable |
| sudo | edge-community | 1.9.5-r0 | None | possibly vulnerable |
| sudo | edge-community | 1.9.17-r0 | Celeste <cielesti@protonmail.com> | possibly vulnerable |
| sudo | edge-community | 1.9.16_p2-r1 | Celeste <cielesti@protonmail.com> | possibly vulnerable |
| sudo | edge-community | 1.9.16_p2-r0 | Natanael Copa <ncopa@alpinelinux.org> | possibly vulnerable |
| sudo | edge-community | 1.9.12_p2-r0 | Natanael Copa <ncopa@alpinelinux.org> | possibly vulnerable |
| sudo | edge-community | 1.8.31-r0 | None | possibly vulnerable |
| sudo | edge-community | 1.8.28-r0 | None | possibly vulnerable |
| sudo | edge-community | 1.8.20_p2-r0 | None | possibly vulnerable |
| sudo | 3.22-community | 1.9.17_p2-r0 | Celeste <cielesti@protonmail.com> | fixed |
| sudo | 3.22-community | 1.9.17_p1-r0 | Natanael Copa <ncopa@alpinelinux.org> | fixed |
| sudo | 3.22-community | 1.9.5_p2-r0 | None | possibly vulnerable |
| sudo | 3.22-community | 1.9.5-r0 | None | possibly vulnerable |
| sudo | 3.22-community | 1.9.16_p2-r0 | Natanael Copa <ncopa@alpinelinux.org> | possibly vulnerable |
| sudo | 3.22-community | 1.9.12_p2-r0 | None | possibly vulnerable |
| sudo | 3.22-community | 1.8.31-r0 | None | possibly vulnerable |
| sudo | 3.22-community | 1.8.28-r0 | None | possibly vulnerable |
| sudo | 3.22-community | 1.8.20_p2-r0 | None | possibly vulnerable |