Red Hat Product Errata RHSA-2026:13731 - Security Advisory Issued: 2026-05-05 Updated: 2026-05-05 RHSA-2026:13731 - Security Advisory Overview Updated Packages Synopsis Important: sudo security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for sudo is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): sudo: Sudo: Privilege escalation due to failure in privilege drop calls (CVE-2026-35535) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 s390x Fixes BZ - 2454714 - CVE-2026-35535 sudo: Sudo: Privilege escalation due to failure in privilege drop calls CVEs CVE-2026-35535 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 SRPM sudo-1.9.5p2-7.el9_0.6.src.rpm SHA-256: 65a0d083cbd41b4d859b2dae4fffbcaac1541478e45cb9a1285df625ed587270 ppc64le sudo-1.9.5p2-7.el9_0.6.ppc64le.rpm SHA-256: c06dd62c6f58f7750a4f1b8dd61ee08c128ed9ad7957c7354a94dddcb5b0cfa6 sudo-debuginfo-1.9.5p2-7.el9_0.6.ppc64le.rpm SHA-256: cee56e52367b692cc5bf65df0a4516d0d26cc0523ab2f298ac17104948de8a7e sudo-debuginfo-1.9.5p2-7.el9_0.6.ppc64le.rpm SHA-256: cee56e52367b692cc5bf65df0a4516d0d26cc0523ab2f298ac17104948de8a7e sudo-debugsource-1.9.5p2-7.el9_0.6.ppc64le.rpm SHA-256: f7502ae9cf39237383368365d266b3fa0959b2cd6481f250d7261b4b8c67d3cb sudo-debugsource-1.9.5p2-7.el9_0.6.ppc64le.rpm SHA-256: f7502ae9cf39237383368365d266b3fa0959b2cd6481f250d7261b4b8c67d3cb sudo-python-plugin-1.9.5p2-7.el9_0.6.ppc64le.rpm SHA-256: 7c948e0cc5dc93ba90b96e3a1964ef78d06467c8b5fb535af9d33907b7bc0601 sudo-python-plugin-debuginfo-1.9.5p2-7.el9_0.6.ppc64le.rpm SHA-256: 4b895378da36b5c791d437ff5b0caaad6efa96611be454c1a234b4d2d5310c0a sudo-python-plugin-debuginfo-1.9.5p2-7.el9_0.6.ppc64le.rpm SHA-256: 4b895378da36b5c791d437ff5b0caaad6efa96611be454c1a234b4d2d5310c0a Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 SRPM sudo-1.9.5p2-7.el9_0.6.src.rpm SHA-256: 65a0d083cbd41b4d859b2dae4fffbcaac1541478e45cb9a1285df625ed587270 x86_64 sudo-1.9.5p2-7.el9_0.6.x86_64.rpm SHA-256: 8fa876063abbb3b31d55263d0cd7db0f6888e0e70b5c578b587e2bc5e1a868b2 sudo-debuginfo-1.9.5p2-7.el9_0.6.x86_64.rpm SHA-256: 6c871494db1d5598b154ed39d3c2745299c54da615a46a8054a4cabb90c90875 sudo-debuginfo-1.9.5p2-7.el9_0.6.x86_64.rpm SHA-256: 6c871494db1d5598b154ed39d3c2745299c54da615a46a8054a4cabb90c90875 sudo-debugsource-1.9.5p2-7.el9_0.6.x86_64.rpm SHA-256: 6961be6c4881411f77d81ff2b4e3f2b29662e9955ff5c59a14fb7973addc6a47 sudo-debugsource-1.9.5p2-7.el9_0.6.x86_64.rpm SHA-256: 6961be6c4881411f77d81ff2b4e3f2b29662e9955ff5c59a14fb7973addc6a47 sudo-python-plugin-1.9.5p2-7.el9_0.6.x86_64.rpm SHA-256: c8cf15be87e27559a13fd2d38d48b32f7b30d7841f0dd77ad5e4d7fa7fe4c4c3 sudo-python-plugin-debuginfo-1.9.5p2-7.el9_0.6.x86_64.rpm SHA-256: df0bdf0df1a8118310df37ccb71bbce90ee68e8531e05b07b29b53b9cdf75499 sudo-python-plugin-debuginfo-1.9.5p2-7.el9_0.6.x86_64.rpm SHA-256: df0bdf0df1a8118310df37ccb71bbce90ee68e8531e05b07b29b53b9cdf75499 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.0 SRPM sudo-1.9.5p2-7.el9_0.6.src.rpm SHA-256: 65a0d083cbd41b4d859b2dae4fffbcaac1541478e45cb9a1285df625ed587270 aarch64 sudo-1.9.5p2-7.el9_0.6.aarch64.rpm SHA-256: a89314b636f674ae3e1828f45e8eaa49ee362c90519b2a65bd4d4f4a78dd888c sudo-debuginfo-1.9.5p2-7.el9_0.6.aarch64.rpm SHA-256: b9bfa6d35006fcc08de7a621ca42c506ec7f82fbd0f2ef0f82c3233f3ba68dc3 sudo-debuginfo-1.9.5p2-7.el9_0.6.aarch64.rpm SHA-256: b9bfa6d35006fcc08de7a621ca42c506ec7f82fbd0f2ef0f82c3233f3ba68dc3 sudo-debugsource-1.9.5p2-7.el9_0.6.aarch64.rpm SHA-256: fbc98358b383a4c3916779eaa36c8a6523955e0f72bdc3864c79ec40bdc9ffc4 sudo-debugsource-1.9.5p2-7.el9_0.6.aarch64.rpm SHA-256: fbc98358b383a4c3916779eaa36c8a6523955e0f72bdc3864c79ec40bdc9ffc4 sudo-python-plugin-1.9.5p2-7.el9_0.6.aarch64.rpm SHA-256: 727c367d38f934591603b750957b1149b0c6c90e21ea9b418d8123a23fdbf817 sudo-python-plugin-debuginfo-1.9.5p2-7.el9_0.6.aarch64.rpm SHA-256: 47527872ab1ad350376df65a386c7eeb7166a74b44d412f695fc94fbd95adc86 sudo-python-plugin-debuginfo-1.9.5p2-7.el9_0.6.aarch64.rpm SHA-256: 47527872ab1ad350376df65a386c7eeb7166a74b44d412f695fc94fbd95adc86 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.0 SRPM sudo-1.9.5p2-7.el9_0.6.src.rpm SHA-256: 65a0d083cbd41b4d859b2dae4fffbcaac1541478e45cb9a1285df625ed587270 s390x sudo-1.9.5p2-7.el9_0.6.s390x.rpm SHA-256: f155f50ab7307f99fcf5663b898465a411d1ac2bfad4d81696ca0ed0819bde6e sudo-debuginfo-1.9.5p2-7.el9_0.6.s390x.rpm SHA-256: fcbe50df07e5d3d1f53e7c0279cc2757d06dfb3a43534c4390ba865cb3ba910c sudo-debuginfo-1.9.5p2-7.el9_0.6.s390x.rpm SHA-256: fcbe50df07e5d3d1f53e7c0279cc2757d06dfb3a43534c4390ba865cb3ba910c sudo-debugsource-1.9.5p2-7.el9_0.6.s390x.rpm SHA-256: 787945248978e9cdc56ce976e9cb0419b204b160992926de4717b1b31ea8c84c sudo-debugsource-1.9.5p2-7.el9_0.6.s390x.rpm SHA-256: 787945248978e9cdc56ce976e9cb0419b204b160992926de4717b1b31ea8c84c sudo-python-plugin-1.9.5p2-7.el9_0.6.s390x.rpm SHA-256: 4bf8366689d31e32355513c27ff951b4154bf2bc5ede969e8de1d9420e5b78bd sudo-python-plugin-debuginfo-1.9.5p2-7.el9_0.6.s390x.rpm SHA-256: 67d0c8990fa4c5b4d8136b1d29693cae422451a91c3a75dfd449c6b4aef81106 sudo-python-plugin-debuginfo-1.9.5p2-7.el9_0.6.s390x.rpm SHA-256: 67d0c8990fa4c5b4d8136b1d29693cae422451a91c3a75dfd449c6b4aef81106 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .