Fluid Attacks Database

Description

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	sudo	>=0 <1.9.16p2-3	1.9.16p2-3
debian 13	sudo	>=0 <1.9.16p2-3	1.9.16p2-3
rpm rhel10	sudo	<0:1.9.15-8.p5.el10_0.2	0:1.9.15-8.p5.el10_0.2

Aliases

1. CVE-2025-324632. NVD-2025-324633. OSV-DEBIAN-2025-324634. OSV-2025-324635. SECURITY-TRACKER-CVE-2025-32463

References

1. https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-324632. https://github.com/projectdiscovery/nuclei-templates/blob/main/code/cves/2025/CVE-2025-32463.yaml3. https://github.com/pr0v3rbs/CVE-2025-32463_chwoot4. https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/sudo_chroot_cve_2025_32463.rb

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.