A team of security researchers has released an in-depth technical report on CVE-2025-32463, a critical local privilege escalation flaw in the widely used Linux sudo utility.
The vulnerability, which affects sudo versions 1.9.14 through 1.9.17, allows a local attacker with standard sudo access to gain full root privileges by abusing the tool’s –chroot feature.
At the heart of the issue is a logic error in the –chroot (or -R) option. Normally, chroot confines a process to a specified directory, but sudo applies this confinement before checking user permissions and before loading Name Service Switch (NSS) modules.
https://gbhackers.com/technical-analysi ... scalation/