Red Hat Product Errata RHSA-2026:13896 - Security Advisory Issued: 2026-05-06 Updated: 2026-05-06 RHSA-2026:13896 - Security Advisory Overview Updated Packages Synopsis Important: sudo security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for sudo is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): sudo: Sudo: Privilege escalation due to failure in privilege drop calls (CVE-2026-35535) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64 Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386 Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x Fixes BZ - 2454714 - CVE-2026-35535 sudo: Sudo: Privilege escalation due to failure in privilege drop calls CVEs CVE-2026-35535 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 SRPM sudo-1.8.6p3-29.el6_10.8.src.rpm SHA-256: f6e11c11648c0589a25d58a63a229531c1925fc1fe28b2a0b4f369aab2e30af3 x86_64 sudo-1.8.6p3-29.el6_10.8.x86_64.rpm SHA-256: 78c00eda02fbdcd48db38b72872dcfc53b1f85c534a0327381d58068cda9306b sudo-debuginfo-1.8.6p3-29.el6_10.8.i686.rpm SHA-256: c792448877bf024315fbce33f7313431c402a0e6064e4b7b94ec26cdc507065c sudo-debuginfo-1.8.6p3-29.el6_10.8.x86_64.rpm SHA-256: 82d35434be90f263d35d3d7ebaeeb953df1f0934878422074ae9a72885a84a88 sudo-debuginfo-1.8.6p3-29.el6_10.8.x86_64.rpm SHA-256: 82d35434be90f263d35d3d7ebaeeb953df1f0934878422074ae9a72885a84a88 sudo-devel-1.8.6p3-29.el6_10.8.i686.rpm SHA-256: c767c26b4d91884bc9032fef96b0d6a6aae3d536db33704235f83faec93b9ba6 sudo-devel-1.8.6p3-29.el6_10.8.x86_64.rpm SHA-256: cae12c1510807118cd468d7d961a6958caa8f73eb1e416d0dd15403136a67e5f i386 sudo-1.8.6p3-29.el6_10.8.i686.rpm SHA-256: 4d9e8cda8c897c417ecbac768cb49cdb11552c499068c2ba768e8f7f26a464a1 sudo-debuginfo-1.8.6p3-29.el6_10.8.i686.rpm SHA-256: c792448877bf024315fbce33f7313431c402a0e6064e4b7b94ec26cdc507065c sudo-debuginfo-1.8.6p3-29.el6_10.8.i686.rpm SHA-256: c792448877bf024315fbce33f7313431c402a0e6064e4b7b94ec26cdc507065c sudo-devel-1.8.6p3-29.el6_10.8.i686.rpm SHA-256: c767c26b4d91884bc9032fef96b0d6a6aae3d536db33704235f83faec93b9ba6 Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 SRPM sudo-1.8.6p3-29.el6_10.8.src.rpm SHA-256: f6e11c11648c0589a25d58a63a229531c1925fc1fe28b2a0b4f369aab2e30af3 s390x sudo-1.8.6p3-29.el6_10.8.s390x.rpm SHA-256: ca9592b8f9562fdd5935cfa736b6114ccdcdb0134b5754df34d627b9eac00e0b sudo-debuginfo-1.8.6p3-29.el6_10.8.s390.rpm SHA-256: 717ea1028734f56149dbeea285d539208442baeba7e4a0697830eae00ae2b152 sudo-debuginfo-1.8.6p3-29.el6_10.8.s390x.rpm SHA-256: 6e6a369dc90c90927325e9402ca0e5994047b12cadd1508e2e9f9ef6e671c1c8 sudo-debuginfo-1.8.6p3-29.el6_10.8.s390x.rpm SHA-256: 6e6a369dc90c90927325e9402ca0e5994047b12cadd1508e2e9f9ef6e671c1c8 sudo-devel-1.8.6p3-29.el6_10.8.s390.rpm SHA-256: 5bf505feab12c24359dd640d03161c120605833224c420818d3338b2ddbf6c88 sudo-devel-1.8.6p3-29.el6_10.8.s390x.rpm SHA-256: fb6159c7f6d7d9944be80bae1509da9dd232ae3c1f7cb63ba3d903a9156a3157 The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .