Red Hat Product Errata RHSA-2026:13895 - Security Advisory Issued: 2026-05-06 Updated: 2026-05-06 RHSA-2026:13895 - Security Advisory Overview Updated Packages Synopsis Important: sudo security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for sudo is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): sudo: Sudo: Privilege escalation due to failure in privilege drop calls (CVE-2026-35535) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64 Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64 Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le Fixes BZ - 2454714 - CVE-2026-35535 sudo: Sudo: Privilege escalation due to failure in privilege drop calls CVEs CVE-2026-35535 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 SRPM sudo-1.8.23-10.el7_9.5.src.rpm SHA-256: 9d25a55ccdd70fad84c85d4b0c9d94eeacc46fd466882a483f43f06e1f047f29 x86_64 sudo-1.8.23-10.el7_9.5.x86_64.rpm SHA-256: 37e26cca7daa0ec9cdd5ea1d71b3d33722fda14f44fe212f82ed3709547d7c4e sudo-debuginfo-1.8.23-10.el7_9.5.i686.rpm SHA-256: ddaa59a8c6f426d0e10c4e170488abe915bf30d1bc8e91cf2973e468239e1228 sudo-debuginfo-1.8.23-10.el7_9.5.x86_64.rpm SHA-256: 21c723c99770ce2335067bd427e200bd01522754d29a3e159150eb4b8fe3e271 sudo-debuginfo-1.8.23-10.el7_9.5.x86_64.rpm SHA-256: 21c723c99770ce2335067bd427e200bd01522754d29a3e159150eb4b8fe3e271 sudo-devel-1.8.23-10.el7_9.5.i686.rpm SHA-256: 1c762f35d3bef5041dc87c73a85caca05334220812043e37765b6dd4c1076454 sudo-devel-1.8.23-10.el7_9.5.x86_64.rpm SHA-256: f49072b9e839d9feed64c742a5115cfbd2a48b9ed42630a371f7cf0e0b22e2d7 Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 SRPM sudo-1.8.23-10.el7_9.5.src.rpm SHA-256: 9d25a55ccdd70fad84c85d4b0c9d94eeacc46fd466882a483f43f06e1f047f29 s390x sudo-1.8.23-10.el7_9.5.s390x.rpm SHA-256: c8d7ea8e9e80ab3cf2b3e8dc3320819825e0dc858f31a749bcb8839d3560fe25 sudo-debuginfo-1.8.23-10.el7_9.5.s390.rpm SHA-256: 7f064ca8cbc49c071ac21387ea0b9b2f068cffe445d518f33005cdcc1fe0bc18 sudo-debuginfo-1.8.23-10.el7_9.5.s390x.rpm SHA-256: 5137e98e60e4202f04fc1c093663390c5f905091d349df30cb2310882d2ee615 sudo-debuginfo-1.8.23-10.el7_9.5.s390x.rpm SHA-256: 5137e98e60e4202f04fc1c093663390c5f905091d349df30cb2310882d2ee615 sudo-devel-1.8.23-10.el7_9.5.s390.rpm SHA-256: 7bfab6e8df1eb6a612ea8b6cc5c4393cd7e23dde99257245d423b7600066517f sudo-devel-1.8.23-10.el7_9.5.s390x.rpm SHA-256: 9876709fd57091daaea9662c5894683531e945f40844eb5ab8a77fb2036ee2bc Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 SRPM sudo-1.8.23-10.el7_9.5.src.rpm SHA-256: 9d25a55ccdd70fad84c85d4b0c9d94eeacc46fd466882a483f43f06e1f047f29 ppc64 sudo-1.8.23-10.el7_9.5.ppc64.rpm SHA-256: 231ae4bb96c5d8283a3c74789df05e17dd7d125a9c0e7a99f89bd212696cbac2 sudo-debuginfo-1.8.23-10.el7_9.5.ppc.rpm SHA-256: bf57b7cbcada32a49efc5a6c7362ab4a44d2dd361194eef234d3d6b60288b131 sudo-debuginfo-1.8.23-10.el7_9.5.ppc64.rpm SHA-256: aa815bff629c5e74b55bcbc199ff55349af8a526fb51db5b51cff3278855b178 sudo-debuginfo-1.8.23-10.el7_9.5.ppc64.rpm SHA-256: aa815bff629c5e74b55bcbc199ff55349af8a526fb51db5b51cff3278855b178 sudo-devel-1.8.23-10.el7_9.5.ppc.rpm SHA-256: 1c3713828088287ca1017b039d655ff36f59a18c8d6b76b7e3b4f64383e54608 sudo-devel-1.8.23-10.el7_9.5.ppc64.rpm SHA-256: 72ab443698678582ec6b1edd175b367b85c3b9e601390c5a43aa8258b40f486e Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 SRPM sudo-1.8.23-10.el7_9.5.src.rpm SHA-256: 9d25a55ccdd70fad84c85d4b0c9d94eeacc46fd466882a483f43f06e1f047f29 ppc64le sudo-1.8.23-10.el7_9.5.ppc64le.rpm SHA-256: d7616ba633de70694477019cba6da984b1f9791e8f42033d41566c73d9e1823e sudo-debuginfo-1.8.23-10.el7_9.5.ppc64le.rpm SHA-256: 884350364db44d8388b651a0ecc49a56b5dd3c88afed15d8b1bc5d0ce3d45c12 sudo-debuginfo-1.8.23-10.el7_9.5.ppc64le.rpm SHA-256: 884350364db44d8388b651a0ecc49a56b5dd3c88afed15d8b1bc5d0ce3d45c12 sudo-devel-1.8.23-10.el7_9.5.ppc64le.rpm SHA-256: c14d6079e00c5bd92c77937b06fd2b61bfebccb2f94e0439a863f77f6dca477c The Red Hat security contact is secalert@redhat.com . More contact details at https://access.redhat.com/security/team/contact/ .