An attacker can leverage sudo’s -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file. Sudo versions affected: Sudo versions 1.9.14 to 1.9.17 inclusive are affected. CVE ID: This vulnerability has been assigned CVE-2025-32463 in the Common Vulnerabilities and Exposures database.
