CVE-2025-32463

Опубликовано: 30 июн. 2025

Источник: ubuntu

Приоритет: high

EPSS Средний

CVSS3: 9.3

Описание

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

Релиз	Статус	Примечание
devel	released	1.9.16p2-3ubuntu2
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/bionic	not-affected	code not present
esm-infra/focal	not-affected	code not present
esm-infra/xenial	not-affected	code not present
jammy	not-affected	code not present
noble	released	1.9.15p5-3ubuntu5.24.04.1
oracular	released	1.9.15p5-3ubuntu5.24.10.1
plucky	released	1.9.16p2-1ubuntu1.1
upstream	pending	1.9.17p1,1.9.16p2-3

Показывать по

Ссылки на источники

EPSS

Процентиль: 95%

0.21128

Средний

9.3 Critical

CVSS3

Связанные уязвимости

CVE-2025-32463

CVSS3: 7.8

redhat

4 месяца назад

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

CVE-2025-32463

CVSS3: 9.3

nvd

4 месяца назад

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

CVE-2025-32463

CVSS3: 9.3

msrc

4 месяца назад

Sudo before 1.9.17p1 allows local users to obtain root access

CVE-2025-32463

CVSS3: 9.3

debian

4 месяца назад

Sudo before 1.9.17p1 allows local users to obtain root access because ...

GHSA-695j-c63m-mvxc

CVSS3: 9.3

github

4 месяца назад

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

EPSS

Процентиль: 95%

0.21128

Средний

9.3 Critical

CVSS3

CVE-2025-32463

Описание

Пакет sudo

Ссылки на источники

Связанные уязвимости