FERRAMENTAS LINUX: Critical Sudo Security Update (CVE-2025-32462) – Patch Now to Prevent Privilege Escalation

terça-feira, 1 de julho de 2025

Critical Sudo Security Update (CVE-2025-32462) – Patch Now to Prevent Privilege Escalation

 

SUSE


SUSE has released an urgent security patch for sudo (CVE-2025-32462) addressing a critical local privilege escalation flaw. Learn how to protect your Linux systems (SUSE Enterprise 12 SP5) with step-by-step patch instructions, CVSS 7.3 vulnerability analysis, and mitigation strategies.

Why This Sudo Vulnerability Matters

A newly disclosed privilege escalation flaw (CVE-2025-32462) in sudo poses significant risks to SUSE Linux Enterprise Server 12 SP5 systems. Rated CVSS 7.3 (High Severity), this bug allows attackers with local access to gain root privileges via the --host option.

Key Risks:

  • Exploitable by low-privilege users

  • Impacts confidentiality, integrity, and availability (CIA triad)

  • Affects LTSS (Long-Term Service Support) and SAP deployments

Affected Systems & Patch Instructions

🚨 Vulnerable SUSE Products

  • SUSE Linux Enterprise High Performance Computing 12 SP5

  • SUSE Linux Enterprise Server 12 SP5 (LTSS & Extended Security)

  • SUSE Linux Enterprise Server for SAP Applications 12 SP5

🛡️ How to Patch (Terminal Commands)

ProductPatch Command
SUSE Linux Enterprise Server 12 SP5 LTSSzypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2025-2174=1
Extended Securityzypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2174=1

Alternative Methods:

  • Use YaST Online Update for GUI-based patching

  • Deploy SUSE Manager for enterprise-scale updates

Technical Deep Dive: CVE-2025-32462

  • CVSS v4.0 Score: 7.3 (AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H)

  • Exploit Complexity: High (requires local access)

  • Root Cause: Improper validation in --host parameter handling

Mitigation for Unpatchable Systems:

  1. Restrict sudo access via /etc/sudoers

  2. Monitor for anomalous sudo --host usage

  3. Implement SELinux/AppArmor policies

Package Updates & References

Patched Versions:

  • sudo-1.8.27-4.54.1

  • sudo-devel-1.8.27-4.54.1 (development headers)

Official References:
🔗 SUSE CVE-2025-32462 Advisory
🔗 Bugzilla #1245274

FAQs: Sudo Security Update

Q: Is this vulnerability remotely exploitable?

A: No—attackers need local shell access.

Q: Does this affect Ubuntu or RHEL?

A: Currently, only SUSE 12 SP5 is confirmed vulnerable.

Q: How urgent is this patch?

A: Critical for multi-user systems (shared hosting, enterprise servers).

Cezar Henrique at
Marcadores: Linux, Android, Segurança ,

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)