CVE-2025-32463 PoC — Sudo 安全漏洞

Source

https://github.com/mirchr/CVE-2025-32463-sudo-chwoot

Associated Vulnerability

Title:Sudo 安全漏洞 (CVE-2025-32463)
Description:Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

Description

PoC for CVE-2025-32463 - Sudo chroot Elevation of Privilege Vulnerability

Readme

# CVE-2025-32463-sudo-chwoot
### PoC for CVE-2025-32463 - Sudo chroot Elevation of Privilege Vulnerability
- Original PoC [sudo-chwoot.sh](sudo-chwoot.sh)
- CTF Demo [chwoot-demo.c](chwoot-demo.c)

#### Docs
- Write-up: https://www.stratascale.com/vulnerability-alert-CVE-2025-32463-sudo-chroot
- Advisory: https://www.sudo.ws/security/advisories/chroot_bug/


#### Other PoCs
> ⚠️ **Warning**: These PoCs have not been verified. **Use at your own risk**
- Dockerized version https://github.com/pr0v3rbs/CVE-2025-32463_chwoot

File Snapshot

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!