Rooting with chwoot: Deep Dive into CVE-2025-32463
Discovered in Sudo version 1.9.15 and fixed in 1.9.17p1, CVE-2025-32463 is a logic vulnerability that allows an attacker to load arbitrary `.so` libraries via a controlled `nsswitch.conf` path, leveraging unsafe pivot root logic. This blog walks through the vulnerability analysis, control flow trace, and source code references. Ref: Vulnerability Advisory Exploit : Maybe it will not work with you if this happens, try to write your own vulnerable directory, and try the exploit after understanding it.