A privilege escalation vulnerability (CVE-2026-35535, CVSS 7.4 HIGH) exists in the sudo utility due to a failure in privilege drop calls. The vulnerability affects Red Hat Enterprise Linux 10 systems, and the provided security update patches the flaw. Administrators should apply the update via the referenced Red Hat solution article.
Red Hat Product Errata RHSA-2026:10758 - Security Advisory Issued: 2026-04-27 Updated: 2026-04-27 RHSA-2026:10758 - Security Advisory Overview Updated Packages Synopsis Important: sudo security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for sudo is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): sudo: Sudo: Privilege escalation due to failure in privilege drop calls (CVE-2026-35535) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 10 x86_64 Red Hat Enterprise Linux for IBM z Systems 10 s390x Red Hat Enterprise Linux for Power, little endian 10 ppc64le Red Hat Enterprise Linux for ARM 64 10 aarch64 Fixes BZ - 2454714 - CVE-2026-35535 sudo: Sudo: Privilege escalation due to failure in privilege drop calls CVEs CVE-2026-35535 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 10 SRPM sudo-1.9.15-10.p5.el10_1.src.rpm SHA-256: ee912250d2d7f6450d177afceae4448a79773831357998371aa71209979de30c x86_64 sudo-1.9.15-10.p5.el10_1.x86_64.rpm SHA-256: af86dc7d2cf83b5f825d28e7bda57d131257884d5c6737c24f207648d022b7e4 sudo-debuginfo-1.9.15-10.p5.el10_1.x86_64.rpm SHA-256: 5b8a65b4425c47c5c2492e0db6e7fc8a0f5ec124c3d617305eeb8eb3900efec8 sudo-debuginfo-1.9.15-10.p5.el10_1.x86_64.rpm SHA-256: 5b8a65b4425c47c5c2492e0db6e7fc8a0f5ec124c3d617305eeb8eb3900efec8 sudo-debugsource-1.9.15-10.p5.el10_1.x86_64.rpm SHA-256: ba0353bf78280ec3685e38ac25015d245c3991158e90e858e0476443e4e5fc44 sudo-debugsource-1.9.15-10.p5.el10_1.x86_64.rpm SHA-256: ba0353bf78280ec3685e38ac25015d245c3991158e90e858e0476443e4e5fc44 sudo-python-plugin-1.9.15-10.p5.el10_1.x86_64.rpm SHA-256: 8f55e72ed5baabaaf63c7528b4fbbb8cc43ee590a8ba43541a5bce119f9f7a25 sudo-python-plugin-debuginfo-1.9.15-10.p5.el10_1.x86_64.rpm SHA-256: 1cc6d338d3aed9e7bf7fb7f53ef231f751db95dc710e0603c99eb96b9c8534e9 sudo-python-plugin-debuginfo-1.9.15-10.p5.el10_1.x86_64.rpm SHA-256: 1cc6d338d3aed9e7bf7fb7f53ef231f751db95dc710e0603c99eb96b9c8534e9 Red Hat Enterprise Linux for IBM z Systems 10 SRPM sudo-1.9.15-10.p5.el10_1.src.rpm SHA-256: ee912250d2d7f6450d177afceae4448a79773831357998371aa71209979de30c s390x sudo-1.9.15-10.p5.el10_1.s390x.rpm SHA-256: b9ac93d726ae537722bce1b47563a0141a9278fe420128cca94a248feed35ccd sudo-debuginfo-1.9.15-10.p5.el10_1.s390x.rpm SHA-256: 151cd0f3089e0314098497374f66b2508ca59f77dca6a7b0d380f3efe46919c2 sudo-debuginfo-1.9.15-10.p5.el10_1.s390x.rpm SHA-256: 151cd0f3089e0314098497374f66b2508ca59f77dca6a7b0d380f3efe46919c2 sudo-debugsource-1.9.15-10.p5.el10_1.s390x.rpm SHA-256: 26b95c0def4a431d232eb769c734064f0aaf1c3ac7e20f62636aade651ed148c sudo-debugsource-1.9.15-10.p5.el10_1.s390x.rpm SHA-256: 26b95c0def4a431d232eb769c734064f0aaf1c3ac7e20f62636aade651ed148c sudo-python-plugin-1.9.15-10.p5.el10_1.s390x.rpm SHA-256: da3a520abdc89913287b1964de91b3cb49b1acd972f0e92c4f57468dfb80627b sudo-python-plugin-debuginfo-1.9.15-10.p5.el10_1.s390x.rpm SHA-256: aea6b44312afb406c0ba6c467f79fa5f4c51df13df38d2f18a7d33711e5627f6 sudo-python-plugin-debuginfo-1.9.15-10.p5.el10_1.s390x.rpm SHA-256: aea6b44312afb406c0ba6c467f79fa5f4c51df13df38d2f18a7d33711e5627f6 Red Hat Enterprise Linux for Power, little endian 10 SRPM sudo-1.9.15-10.p5.el10_1.src.rpm SHA-256: ee912250d2d7f6450d177afceae4448a79773831357998371aa71209979de30c ppc64le sudo-1.9.15-10.p5.el10_1.ppc64le.rpm SHA-256: b72a19d55bff763f3f77d49b3de4190e0759e80314ab351af430e8d2732386a4 sudo-debuginfo-1.9.15-10.p5.el10_1.ppc64le.rpm SHA-256: 6991876140535954aa15763f2cef857224625660d3b48519b28400010bf8745f sudo-debuginfo-1.9.15-10.p5.el10_1.ppc64le.rpm SHA-256: 6991876140535954aa15763f2cef857224625660d3b48519b28400010bf8745f sudo-debugsource-1.9.15-10.p5.el10_1.ppc64le.rpm SHA-256: b9660c4a04d76e93cb1e5fde678b1fb6a4813e6012ca6e47f2052ed400f875b4 sudo-debugsource-1.9.15-10.p5.el10_1.ppc64le.rpm SHA-256: b9660c4a04d76e93cb1e5fde678b1fb6a4813e6012ca6e47f2052ed400f875b4 sudo-python-plugin-1.9.15-10.p5.el10_1.ppc64le.rpm SHA-256: 839089120f6982769f052b8da18d8aee60eb81d76b7488ec3e347dcd7e510727 sudo-python-plugin-debuginfo-1.9.15-10.p5.el10_1.ppc64le.rpm SHA-256: 89d945154bd645e5a440736b74d91640692fab586e6d71e65333c31cb258f4c6 sudo-python-plugin-debuginfo-1.9.15-10.p5.el10_1.ppc64le.rpm SHA-256: 89d945154bd645e5a440736b74d91640692fab586e6d71e65333c31cb258f4c6 Red Hat Enterprise Linux for ARM 64 10 SRPM sudo-1.9.15-10.p5.el10_1.src.rpm SHA-256: ee912250d2d7f6450d177afceae4448a79773831357998371aa71209979de30c aarch64 sudo-1.9.15-10.p5.el10_1.aarch64.rpm SHA-256: b8001d310deb3d0fc526de8b4bd019a5a8e16f3fb426be8cc750166923d40ba5 sudo-debuginfo-1.9.15-10.p5.el10_1.aarch64.rpm SHA-256: 76433bb690b24f8b8e2eeed7c43ba186f35b3ff89382c8377e46efdb1ebb0efb sudo-debuginfo-1.9.15-10.p5.el10_1.aarch64.rpm SHA-256: 76433bb690b24f8b8e2eeed7c43ba186f35b3ff89382c8377e46efdb1ebb0efb sudo-debugsource-1.9.15-10.p5.el10_1.aarch64.rpm SHA-256: 9cf0a1d12a5ae576b22be5377ab62388aae6829017aa6b9617269c8839439f76 sudo-debugsource-1.9.15-10.p5.el10_1.aarch64.rpm SHA-256: 9cf0a1d12a5ae576b22be5377ab62388aae6829017aa6b9617269c8839439f76 sudo-python-plugin-1.9.15-10.p5.el10_1.aarch64.rpm SHA-256: 9b89926b484159b3738c90e5bdd3a796e1dd60cffdab2eb79d34a32ad5fcc0ee sudo-python-plugin-debuginfo-1.9.15-10.p5.el10_1.aarch64.rpm SHA-256: 115a07257b9e48e982b4822b7a17e90e70218c15767e4a5f31d4ffbd63ea7e9c sudo-python-plugin-debuginfo-1.9.15-10.p5.el10_1.aarch64.rpm SHA-256: 115a07257b9e48e982b4822b7a17e90e70218c15767e4a5f31d4ffbd63ea7e9c The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .