Two newly reported vulnerabilities affecting the sudo package, one of them considered critical, have hit the Linux ecosystem. The critical vulnerability (CVE-2025-32463) affects Ubuntu Noble servers, while the second vulnerability (CVE-2025-32462) affects multiple versions of AlmaLinux, Ubuntu and Debian.
As reported by the Ubuntu Security Team:
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
A proof-of-concept is supplied alongside this CVE.
We’ve patched managed servers and our own infrastructure
Our team has been hard at work patching all affected managed servers, and all of the gear that we run for ourselves. If you have Managed Services applied to your servers, this is one of those times when you can bank the benefits and get on with your day.
To be specific, we’ve updated every affected distro to a newly-released version that includes a patch against these new vulnerabilities, where possible.
If you manage your own server
We have not patched unmanaged servers. If you manage your own servers, we recommend checking as soon as you can whether they’re affected and whether a patch is available.
Update affected Ubuntu or Debian packages with:
apt update && apt install sudo
For AlmaLinux servers, you’ll need to update with:
dnf install sudo
You can use the aforementioned proof-of-concept to validate whether your server is affected, if you’d like to double check.
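One way to do that check without running the proof-of-concept, as an added example that is not part of the original post: compare the installed sudo's upstream version with 1.9.17p1 and, because distributions commonly backport fixes without changing the upstream number, look for the two CVE IDs in the package changelog. The changelog locations and the presence of CVE IDs in changelog entries are assumptions about how the distribution packages sudo.

```shell
#!/bin/sh
# Added example (not from the original post): triage a host for the two sudo CVEs.
FIXED="1.9.17p1"   # first fixed upstream release, per the advisory text quoted above

# Read `sudo -V` output on stdin, print the upstream version (e.g. 1.9.15p5).
sudo_version_from() {
    sed -n '1s/^Sudo version \([0-9][0-9.a-z]*\).*/\1/p'
}

# Succeed if sudo version $1 is older than $2; "pN" is a fourth numeric field.
sudo_older_than() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        split(a, x, "[.p]"); split(b, y, "[.p]")
        for (i = 1; i <= 4; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1   # equal versions are not older
    }'
}

# Read package changelog text on stdin, print which of the two CVE IDs it names.
cves_in_changelog() {
    grep -o 'CVE-2025-3246[23]' | sort -u | paste -sd' ' -
}

check_host() {
    command -v sudo >/dev/null 2>&1 || { echo "sudo is not installed"; return 0; }
    v=$(sudo -V 2>/dev/null | sudo_version_from)
    echo "upstream sudo version: ${v:-unknown}"
    if [ -n "$v" ] && ! sudo_older_than "$v" "$FIXED"; then
        echo "at or above $FIXED"; return 0
    fi
    # Older upstream number: look for a distro backport in the package changelog.
    log=""
    if [ -r /usr/share/doc/sudo/changelog.Debian.gz ]; then   # assumed Debian/Ubuntu path
        log=$(gzip -dc /usr/share/doc/sudo/changelog.Debian.gz)
    elif command -v rpm >/dev/null 2>&1; then                 # AlmaLinux and other RPM systems
        log=$(rpm -q --changelog sudo 2>/dev/null) || log=""
    fi
    found=$(printf '%s\n' "$log" | cves_in_changelog)
    echo "CVE fixes named in package changelog: ${found:-none, update sudo}"
}

# Run the live check only when asked, so the functions can be sourced and tested.
case "${1:-}" in --check) check_host ;; esac
```

Invoke the script with --check to run it against the local host. A changelog entry naming a CVE shows the installed package claims the fix; the distribution's own security notice remains the authority on which package versions are patched.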
Is it time to talk with us about Server Management?
The big benefits of Server Management are made clear when issues like this sudo vulnerability are discovered. Plenty of SiteHost customers who were at risk will only have heard of this potential problem after we already secured their infrastructure against it.
If you’d like to talk with us about adding Server Management, we’re always ready to hear from you.