CVE-2025-32463

Опубликовано: 30 июн. 2025

Источник: ubuntu

Приоритет: high

EPSS Низкий

CVSS3: 9.3

Описание

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

Релиз	Статус	Примечание
devel	needed
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/bionic	not-affected	code not present
esm-infra/focal	not-affected	code not present
esm-infra/xenial	not-affected	code not present
jammy	not-affected	code not present
noble	released	1.9.15p5-3ubuntu5.24.04.1
oracular	released	1.9.15p5-3ubuntu5.24.10.1
plucky	released	1.9.16p2-1ubuntu1.1
upstream	pending	1.9.17p1

Показывать по

Ссылки на источники

EPSS

Процентиль: 55%

0.00325

Низкий

9.3 Critical

CVSS3

Связанные уязвимости

CVE-2025-32463

CVSS3: 7.8

redhat

16 дней назад

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

CVE-2025-32463

CVSS3: 9.3

nvd

15 дней назад

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

CVE-2025-32463

CVSS3: 9.3

msrc

5 дней назад

Описание отсутствует

CVE-2025-32463

CVSS3: 9.3

debian

15 дней назад

Sudo before 1.9.17p1 allows local users to obtain root access because ...

GHSA-695j-c63m-mvxc

CVSS3: 9.3

github

15 дней назад

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

EPSS

Процентиль: 55%

0.00325

Низкий

9.3 Critical

CVSS3

CVE-2025-32463

Описание

Пакет sudo

Ссылки на источники

Связанные уязвимости