Home / mailings [USN-7604-2] Sudo vulnerability
Posted on 30 June 2025
Ubuntu Security==========================================================================Ubuntu Security Notice USN-7604-2
June 30, 2025
sudo vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Sudo could be made to bypass host restrictions.
Software Description:
- sudo: Provide limited super user privileges to specific users
Details:
USN-7604-1 fixed CVE-2025-32462 in sudo. This update provides the
corresponding fixes for Ubuntu 20.04 LTS, Ubuntu 18.04 LTS,
Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS.
Original advisory details:
Rich Mirch discovered that Sudo incorrectly handled the host option. In
environments where per-host rules are configured in the sudoers file, a
local attacker could use this issue to bypass the host restrictions.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
sudo 1.8.31-1ubuntu1.5+esm1
Available with Ubuntu Pro
sudo-ldap 1.8.31-1ubuntu1.5+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
sudo 1.8.21p2-3ubuntu1.6+esm1
Available with Ubuntu Pro
sudo-ldap 1.8.21p2-3ubuntu1.6+esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
sudo 1.8.16-0ubuntu1.10+esm3
Available with Ubuntu Pro
sudo-ldap 1.8.16-0ubuntu1.10+esm3
Available with Ubuntu Pro
Ubuntu 14.04 LTS
sudo 1.8.9p5-1ubuntu1.5+esm8
Available with Ubuntu Pro
sudo-ldap 1.8.9p5-1ubuntu1.5+esm8
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7604-2
https://ubuntu.com/security/notices/USN-7604-2
CVE-2025-32462
--===============4086894897814540292==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
