========================================================================== Ubuntu Security Notice USN-7604-2 June 30, 2025 sudo vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Sudo could be made to bypass host restrictions. Software Description: - sudo: Provide limited super user privileges to specific users Details: USN-7604-1 fixed CVE-2025-32462 in sudo. This update provides the corresponding fixes for Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS. Original advisory details: Rich Mirch discovered that Sudo incorrectly handled the host option. In environments where per-host rules are configured in the sudoers file, a local attacker could use this issue to bypass the host restrictions. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS sudo 1.8.31-1ubuntu1.5+esm1 Available with Ubuntu Pro sudo-ldap 1.8.31-1ubuntu1.5+esm1 Available with Ubuntu Pro Ubuntu 18.04 LTS sudo 1.8.21p2-3ubuntu1.6+esm1 Available with Ubuntu Pro sudo-ldap 1.8.21p2-3ubuntu1.6+esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS sudo 1.8.16-0ubuntu1.10+esm3 Available with Ubuntu Pro sudo-ldap 1.8.16-0ubuntu1.10+esm3 Available with Ubuntu Pro Ubuntu 14.04 LTS sudo 1.8.9p5-1ubuntu1.5+esm8 Available with Ubuntu Pro sudo-ldap 1.8.9p5-1ubuntu1.5+esm8 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7604-2 https://ubuntu.com/security/notices/USN-7604-2 CVE-2025-32462