Sudo Permission Bug CVE-2025-32463 How to fix?

Sudo has a pretty bad 9.3 bug.

https://thehackernews.com/2025/07/critical-sudo-vulnerabilities-let-local.html

What’s the best method to patch this? Wait for repo? Manual?

Rocky Linux 8 and 9 are not affected by CVE-2025-32463. A fix is not available for Rocky Linux 10 yet.

Rocky Linux 8 and 9 have had updates released for CVE-2025-32462.

sudo-1.9.5p2-1.el8_10.1.x86_64
sudo-1.9.5p2-10.el9_6.1.x86_64
3 Likes

Hello @label

Could you please share with us the source you are referring to for sudo 1.9.5p2-1 fixing CVE-2025-32462?

Because I find on the official sudo site that 1.9.17p1 is the one that fixes CVE-2025-32462 and CVE-2025-32463.

There’s the source:

root@rocky9:~# dnf --enablerepo=baseos-source list sudo*
Rocky Linux 9 - BaseOS - Source                                                         458 kB/s | 276 kB     00:00    
Installed Packages
sudo.x86_64                                              1.9.5p2-10.el9_6.1                                @baseos      
Available Packages
sudo.src                                                 1.9.5p2-10.el9_6.1                                baseos-source
sudo-python-plugin.x86_64                                1.9.5p2-10.el9_6.1                                appstream

Feel free to check that package, sudo.src. As you should already know, Red Hat backports fixes from newer versions of packages into their older versions, which means Rocky also gets them once they have backported them.

1 Like
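
An added example, not part of the thread and not Rocky's own tooling: because fixes are backported, the upstream version string (1.9.5p2) does not show whether a CVE is fixed, so this script reads the RPM changelog instead. The function names and the sample changelog are constructed for illustration; on a real host, pass it the output of `rpm -q --changelog sudo`.

```shell
#!/bin/sh
# Find which package build's changelog entry mentions a CVE.
# Input format: RPM changelog text, as printed by `rpm -q --changelog <pkg>`.

# Constructed sample, NOT the real sudo changelog.
SAMPLE_CHANGELOG=$(cat <<'EOF'
* Tue Jul 01 2025 Example Packager <packager@example.com> - 1.9.5p2-10.1
- Backport fix for CVE-2025-32462 (constructed entry)

* Mon Jan 06 2025 Example Packager <packager@example.com> - 1.9.5p2-10
- Rebuild (constructed entry)
EOF
)

# cve_fix_build CVE-ID < changelog
# Prints the version-release of the oldest entry mentioning the CVE
# (changelogs are listed newest first). Returns 1 if no entry mentions it.
cve_fix_build() {
    awk -v cve="$1" '
        /^\* /          { build = $NF; next }   # entry header ends with version-release
        index($0, cve)  { fix = build }         # remember the entry that names the CVE
        END             { if (fix == "") exit 1; print fix }
    '
}

# report_cves CHANGELOG_TEXT CVE-ID...
# One line per CVE. "Not mentioned" is not proof of exposure: the package
# may be unaffected, or the fix may not have been released yet.
report_cves() {
    changelog=$1
    shift
    for cve in "$@"; do
        if build=$(printf '%s\n' "$changelog" | cve_fix_build "$cve"); then
            echo "$cve: mentioned in changelog entry for build $build"
        else
            echo "$cve: not mentioned (unaffected, or not yet fixed)"
        fi
    done
}

# Offline demo on the constructed sample.
report_cves "$SAMPLE_CHANGELOG" CVE-2025-32462 CVE-2025-32463

# On a real RPM-based host:
#   report_cves "$(rpm -q --changelog sudo)" CVE-2025-32462 CVE-2025-32463
```

Compare the reported build with `rpm -q sudo` to confirm that the installed package is at or past the build carrying the fix.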
