vulnerability

SUSE: CVE-2025-32463: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:N/C:C/I:C/A:C)	Jun 30, 2025	Oct 23, 2025	Oct 23, 2025

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

Jun 30, 2025

Added

Oct 23, 2025

Modified

Oct 23, 2025

Description

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

Solutions

suse-upgrade-sudosuse-upgrade-sudo-develsuse-upgrade-sudo-plugin-pythonsuse-upgrade-sudo-policy-sudo-auth-selfsuse-upgrade-sudo-policy-wheel-auth-selfsuse-upgrade-sudo-testsuse-upgrade-system-group-sudo

References

CVE-2025-32463
https://attackerkb.com/topics/CVE-2025-32463
CWE-829
SUSE-SUSE-SU-2025:02177-1
SUSE-SUSE-SU-2025:20478-1
SUSE-SUSE-SU-2025:20489-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today