SUDO CVE-2025-32462 and CVE-2025-32463

A vulnerability was recently discovered in sudo. It allows a local user to bypass the password and gain root access to your system. Here’s a link to just one article that describes the issue: Critical Sudo Vulnerabilities Let Local Users Gain Root Access on Linux, Impacting Major Distros.

The fix for this issue has been released in sudo version 1.9.17p1. However, Fedora and a couple of other distributions have not updated to this version as yet. Here is a discussion on Fedora’s website: CVE-2025-32463 vulnerability mitigation - Fedora Discussion.

I began picking up on some news of this topic a few weeks ago, but never paid attention to it. I just checked that my version of sudo on Fedora is 1.9.15p5. I haven’t panicked but it did raise my heartbeat a couple of levels.

Were you aware of this vulnerability? What are your plans to mitigate it?


Thanks @shybry747 I was not aware of this. I’ve not been checking my subscribed alerts since last week Tuesday. So of course this would happen now :grinning_face_with_smiling_eyes:

I’m going to read that page you linked to and then see what I need to do.

Thanks a ton for sharing this.
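
An added example, not part of either post above: a shell check that compares the installed sudo against the upstream fixed release named in the thread (1.9.17p1), handling sudo's `pN` patch suffix. The function names are illustrative, and it assumes the first line of `sudo -V` reads `Sudo version X.Y.ZpN`; a distribution package can carry a backported fix under an older version string, so "older-than-fix" means "check the distro advisory", not "confirmed vulnerable".

```shell
#!/bin/sh
# Upstream release that carries the fix, as stated in the thread.
FIXED="1.9.17p1"

# Pull the version token out of the first line of `sudo -V` output.
sudo_version_from() {
    printf '%s\n' "$1" | sed -n '1s/^Sudo version \([0-9][0-9.p]*\).*$/\1/p'
}

# Exit 0 if $1 is older than $2, 1 if equal or newer, 2 if either is unparseable.
# A release without a pN suffix sorts before the same release with one.
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        re = "^[0-9]+\\.[0-9]+\\.[0-9]+(p[0-9]+)?$"
        if (a !~ re || b !~ re) exit 2
        split(a, x, /[.p]/); split(b, y, /[.p]/)
        for (i = 1; i <= 4; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1
    }'
}

# Map a version string to a verdict relative to FIXED.
assess() {
    rc=0
    version_lt "$1" "$FIXED" || rc=$?
    case $rc in
        0) echo "older-than-fix" ;;
        1) echo "fix-or-newer" ;;
        *) echo "unknown" ;;
    esac
}

# Report on the local system when sudo is installed (-V needs no privileges).
if command -v sudo >/dev/null 2>&1; then
    installed=$(sudo_version_from "$(sudo -V 2>/dev/null)")
    echo "sudo ${installed:-?}: $(assess "$installed")"
fi
```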