Alerts This Week
Warning Icon 1 1,111
Alerts This Week
Warning Icon 1 1,111

Ubuntu 25.04 USN-7604-1 critical: Sudo local command execution issues

ubuntu
Calendar Grey June 30, 2025
Dist Ubuntu Esm H88
Ubuntu versions 25.04 and 24.x feature essential Sudo patches that mitigate local threat vulnerabilities, particularly focusing on the prevention of privilege elevation.
Several security issues were fixed in Sudo.

Summary

Several security issues were fixed in Sudo.

Software Description:

- sudo: Provide limited super user privileges to specific users

Details:

Rich Mirch discovered that Sudo incorrectly handled the host option. In

environments where per-host rules are configured in the sudoers file, a

local attacker could use this issue to bypass the host restrictions.

(CVE-2025-32462)

Rich Mirch discovered that Sudo incorrectly handled the chroot option. In

environments where the sudoers file is configured to allow the chroot

option, a local attacker could use this issue to run arbitrary commands as

root. This issue only applied to Ubuntu 24.04 LTS, Ubuntu 24.10, and

Ubuntu 25.04. (CVE-2025-32463)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
  sudo                            1.9.16p2-1ubuntu1.1
  sudo-ldap                       1.9.16p2-1ubuntu1.1

Ubuntu 24.10
  sudo                            1.9.15p5-3ubuntu5.24.10.1
  sudo-ldap                       1.9.15p5-3ubuntu5.24.10.1

Ubuntu 24.04 LTS
  sudo                            1.9.15p5-3ubuntu5.24.04.1
  sudo-ldap                       1.9.15p5-3ubuntu5.24.04.1

Ubuntu 22.04 LTS
  sudo                            1.9.9-1ubuntu2.5
  sudo-ldap                       1.9.9-1ubuntu2.5

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7604-1

CVE-2025-32462, CVE-2025-32463

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7604-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here