Red Hat Product Errata RHSA-2026:13889 - Security Advisory Issued: 2026-05-06 Updated: 2026-05-06 RHSA-2026:13889 - Security Advisory Overview Updated Packages Synopsis Important: sudo security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for sudo is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): sudo: Sudo: Privilege escalation due to failure in privilege drop calls (CVE-2026-35535) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x Fixes BZ - 2454714 - CVE-2026-35535 sudo: Sudo: Privilege escalation due to failure in privilege drop calls CVEs CVE-2026-35535 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 SRPM sudo-1.9.5p2-10.el9_6.3.src.rpm SHA-256: 1ea9dfddf083f21ab430d950bb453ae718bae994793bdc7187ac1c7decac2458 x86_64 sudo-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: 7fa2810fbb589801abaddb62eb26c1dc903356710c624e06a5f71ddfd6a2894d sudo-debuginfo-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: 166be2ff147554eb5b7849688358d571a5453f5c8ea17b617bb31005f2654d2e sudo-debuginfo-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: 166be2ff147554eb5b7849688358d571a5453f5c8ea17b617bb31005f2654d2e sudo-debugsource-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: d915500d75f4f263616c9c63ea3c210b512364888d81c180b7a5b81090c57be8 sudo-debugsource-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: d915500d75f4f263616c9c63ea3c210b512364888d81c180b7a5b81090c57be8 sudo-python-plugin-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: f2e80405c9cce4c3f99f2c6bce8c8f40b7d9e76717f096da7921bc90e1656a46 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: 8ebd77130d4629d1edbaedbd1665f09d4b791d94d01bb3779a61f1e5ecc1a12c sudo-python-plugin-debuginfo-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: 8ebd77130d4629d1edbaedbd1665f09d4b791d94d01bb3779a61f1e5ecc1a12c Red Hat Enterprise Linux Server - AUS 9.6 SRPM sudo-1.9.5p2-10.el9_6.3.src.rpm SHA-256: 1ea9dfddf083f21ab430d950bb453ae718bae994793bdc7187ac1c7decac2458 x86_64 sudo-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: 7fa2810fbb589801abaddb62eb26c1dc903356710c624e06a5f71ddfd6a2894d sudo-debuginfo-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: 166be2ff147554eb5b7849688358d571a5453f5c8ea17b617bb31005f2654d2e sudo-debuginfo-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: 166be2ff147554eb5b7849688358d571a5453f5c8ea17b617bb31005f2654d2e sudo-debugsource-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: d915500d75f4f263616c9c63ea3c210b512364888d81c180b7a5b81090c57be8 sudo-debugsource-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: d915500d75f4f263616c9c63ea3c210b512364888d81c180b7a5b81090c57be8 sudo-python-plugin-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: f2e80405c9cce4c3f99f2c6bce8c8f40b7d9e76717f096da7921bc90e1656a46 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: 8ebd77130d4629d1edbaedbd1665f09d4b791d94d01bb3779a61f1e5ecc1a12c sudo-python-plugin-debuginfo-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: 8ebd77130d4629d1edbaedbd1665f09d4b791d94d01bb3779a61f1e5ecc1a12c Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 SRPM sudo-1.9.5p2-10.el9_6.3.src.rpm SHA-256: 1ea9dfddf083f21ab430d950bb453ae718bae994793bdc7187ac1c7decac2458 s390x sudo-1.9.5p2-10.el9_6.3.s390x.rpm SHA-256: 9c460aa7078e8af331b74e086a77ad0508d7702c94d9b08ba2d5b65f68ba0622 sudo-debuginfo-1.9.5p2-10.el9_6.3.s390x.rpm SHA-256: 3ba64188ef6673cde00a8812bedbfeabf06a0a14b4871c19384fe902f89fcbe4 sudo-debuginfo-1.9.5p2-10.el9_6.3.s390x.rpm SHA-256: 3ba64188ef6673cde00a8812bedbfeabf06a0a14b4871c19384fe902f89fcbe4 sudo-debugsource-1.9.5p2-10.el9_6.3.s390x.rpm SHA-256: 797e9dd9f3a0392050e0834f8612381046268d2f6894f62a849b90fe571221d7 sudo-debugsource-1.9.5p2-10.el9_6.3.s390x.rpm SHA-256: 797e9dd9f3a0392050e0834f8612381046268d2f6894f62a849b90fe571221d7 sudo-python-plugin-1.9.5p2-10.el9_6.3.s390x.rpm SHA-256: 709f6e906a2af8023d32b79e841f3cea54cf00b5b67888fcab316747279c7d48 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_6.3.s390x.rpm SHA-256: 13447fa01409f8207889ee71070a118958568c56194e6aeb5b946c1cce980a95 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_6.3.s390x.rpm SHA-256: 13447fa01409f8207889ee71070a118958568c56194e6aeb5b946c1cce980a95 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 SRPM sudo-1.9.5p2-10.el9_6.3.src.rpm SHA-256: 1ea9dfddf083f21ab430d950bb453ae718bae994793bdc7187ac1c7decac2458 ppc64le sudo-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: 459916fc0e16e5921f02aea2ed6bff6a46ba5a8dcccfa503539fe1cee90d3aac sudo-debuginfo-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: 77115c01eb3046874bacf059d625572ff93a1c620b4db34cd1f3a72e88bb7b3f sudo-debuginfo-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: 77115c01eb3046874bacf059d625572ff93a1c620b4db34cd1f3a72e88bb7b3f sudo-debugsource-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: d01b93c0eea85219831cd5d8cdd213bb6f70f3af48f64cdebb34f107c905c8c3 sudo-debugsource-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: d01b93c0eea85219831cd5d8cdd213bb6f70f3af48f64cdebb34f107c905c8c3 sudo-python-plugin-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: ef7a284f2b6e89b2df8f6102abeae1cb049e2eedd490f58fc66656c255ebfc33 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: 2e9141eed89b55ccc68e94cf5dbc561ec227199c3d4d394320e3f8746556b693 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: 2e9141eed89b55ccc68e94cf5dbc561ec227199c3d4d394320e3f8746556b693 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 SRPM sudo-1.9.5p2-10.el9_6.3.src.rpm SHA-256: 1ea9dfddf083f21ab430d950bb453ae718bae994793bdc7187ac1c7decac2458 aarch64 sudo-1.9.5p2-10.el9_6.3.aarch64.rpm SHA-256: 0f07d870dfde3999d45d0940c937fbb1d1c51126c6fae87ff764f5a9c32d0711 sudo-debuginfo-1.9.5p2-10.el9_6.3.aarch64.rpm SHA-256: d43d596c1a136a3b0cc35f11305d2fc64a3427818a6a7ac684a740c6b01585d2 sudo-debuginfo-1.9.5p2-10.el9_6.3.aarch64.rpm SHA-256: d43d596c1a136a3b0cc35f11305d2fc64a3427818a6a7ac684a740c6b01585d2 sudo-debugsource-1.9.5p2-10.el9_6.3.aarch64.rpm SHA-256: b197627e5cc688c50d5972a59cc02ad657ff0ab8a0eddcf7d00d93ad79a39c07 sudo-debugsource-1.9.5p2-10.el9_6.3.aarch64.rpm SHA-256: b197627e5cc688c50d5972a59cc02ad657ff0ab8a0eddcf7d00d93ad79a39c07 sudo-python-plugin-1.9.5p2-10.el9_6.3.aarch64.rpm SHA-256: 3778473154889a542d1be16590b6ad73973e1f71b6c6d7577e73cd912c870d4a sudo-python-plugin-debuginfo-1.9.5p2-10.el9_6.3.aarch64.rpm SHA-256: 6b2aca56becbd1c6e063b7fd82634eb38194a00ba72ab37a4c2bd4d6e1d9f229 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_6.3.aarch64.rpm SHA-256: 6b2aca56becbd1c6e063b7fd82634eb38194a00ba72ab37a4c2bd4d6e1d9f229 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 SRPM sudo-1.9.5p2-10.el9_6.3.src.rpm SHA-256: 1ea9dfddf083f21ab430d950bb453ae718bae994793bdc7187ac1c7decac2458 ppc64le sudo-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: 459916fc0e16e5921f02aea2ed6bff6a46ba5a8dcccfa503539fe1cee90d3aac sudo-debuginfo-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: 77115c01eb3046874bacf059d625572ff93a1c620b4db34cd1f3a72e88bb7b3f sudo-debuginfo-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: 77115c01eb3046874bacf059d625572ff93a1c620b4db34cd1f3a72e88bb7b3f sudo-debugsource-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: d01b93c0eea85219831cd5d8cdd213bb6f70f3af48f64cdebb34f107c905c8c3 sudo-debugsource-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: d01b93c0eea85219831cd5d8cdd213bb6f70f3af48f64cdebb34f107c905c8c3 sudo-python-plugin-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: ef7a284f2b6e89b2df8f6102abeae1cb049e2eedd490f58fc66656c255ebfc33 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: 2e9141eed89b55ccc68e94cf5dbc561ec227199c3d4d394320e3f8746556b693 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_6.3.ppc64le.rpm SHA-256: 2e9141eed89b55ccc68e94cf5dbc561ec227199c3d4d394320e3f8746556b693 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 SRPM sudo-1.9.5p2-10.el9_6.3.src.rpm SHA-256: 1ea9dfddf083f21ab430d950bb453ae718bae994793bdc7187ac1c7decac2458 x86_64 sudo-1.9.5p2-10.el9_6.3.x86_64.rpm SHA-256: 7fa2810fbb589801abad