Red Hat Product Errata RHSA-2026:14437 - Security Advisory Issued: 2026-05-06 Updated: 2026-05-06 RHSA-2026:14437 - Security Advisory Overview Updated Packages Synopsis Important: sudo security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for sudo is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): sudo: Sudo: Privilege escalation due to failure in privilege drop calls (CVE-2026-35535) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64 Red Hat Enterprise Linux Server - AUS 9.4 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x Fixes BZ - 2454714 - CVE-2026-35535 sudo: Sudo: Privilege escalation due to failure in privilege drop calls CVEs CVE-2026-35535 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 SRPM sudo-1.9.5p2-10.el9_4.3.src.rpm SHA-256: 72b2e2589724304b9b6792f432f44ecb9539cb0cb201360a550bb96262adcc63 x86_64 sudo-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: e28671d5519e872d2c0acaf4dac9df55a9cdede8f444d5127c36917b8a059956 sudo-debuginfo-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: 758f82957d97b4353ff80312cc576c05ff1ee4c5aca3b78b2b3281057b98f8df sudo-debuginfo-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: 758f82957d97b4353ff80312cc576c05ff1ee4c5aca3b78b2b3281057b98f8df sudo-debugsource-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: a18e9f10f2723f302259c6e34da8e7727c45387bb7e8b013baf1a3dd919f0a54 sudo-debugsource-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: a18e9f10f2723f302259c6e34da8e7727c45387bb7e8b013baf1a3dd919f0a54 sudo-python-plugin-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: 9368c7c224c519f371cf808764c7715656abe31408e8bd8c3f608095419595fd sudo-python-plugin-debuginfo-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: a21f7bda3368736f0d4702df0f80af5de666cf536c4c8c795be0a21178a29ab0 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: a21f7bda3368736f0d4702df0f80af5de666cf536c4c8c795be0a21178a29ab0 Red Hat Enterprise Linux Server - AUS 9.4 SRPM sudo-1.9.5p2-10.el9_4.3.src.rpm SHA-256: 72b2e2589724304b9b6792f432f44ecb9539cb0cb201360a550bb96262adcc63 x86_64 sudo-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: e28671d5519e872d2c0acaf4dac9df55a9cdede8f444d5127c36917b8a059956 sudo-debuginfo-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: 758f82957d97b4353ff80312cc576c05ff1ee4c5aca3b78b2b3281057b98f8df sudo-debuginfo-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: 758f82957d97b4353ff80312cc576c05ff1ee4c5aca3b78b2b3281057b98f8df sudo-debugsource-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: a18e9f10f2723f302259c6e34da8e7727c45387bb7e8b013baf1a3dd919f0a54 sudo-debugsource-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: a18e9f10f2723f302259c6e34da8e7727c45387bb7e8b013baf1a3dd919f0a54 sudo-python-plugin-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: 9368c7c224c519f371cf808764c7715656abe31408e8bd8c3f608095419595fd sudo-python-plugin-debuginfo-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: a21f7bda3368736f0d4702df0f80af5de666cf536c4c8c795be0a21178a29ab0 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: a21f7bda3368736f0d4702df0f80af5de666cf536c4c8c795be0a21178a29ab0 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 SRPM sudo-1.9.5p2-10.el9_4.3.src.rpm SHA-256: 72b2e2589724304b9b6792f432f44ecb9539cb0cb201360a550bb96262adcc63 s390x sudo-1.9.5p2-10.el9_4.3.s390x.rpm SHA-256: 7e8df2b9d63c0b3bde168ad538ab175a8b45c6f0986795ba6edb5dc4f143baeb sudo-debuginfo-1.9.5p2-10.el9_4.3.s390x.rpm SHA-256: 66709cb5fd17e43ff3da509f703be888b1aa48cb72d0f5ede463cec2540494c1 sudo-debuginfo-1.9.5p2-10.el9_4.3.s390x.rpm SHA-256: 66709cb5fd17e43ff3da509f703be888b1aa48cb72d0f5ede463cec2540494c1 sudo-debugsource-1.9.5p2-10.el9_4.3.s390x.rpm SHA-256: e7b4bc2eda28a2715ddeea7636fc7e84c0a6cec9eb6b1cd37c20dbb5583ce490 sudo-debugsource-1.9.5p2-10.el9_4.3.s390x.rpm SHA-256: e7b4bc2eda28a2715ddeea7636fc7e84c0a6cec9eb6b1cd37c20dbb5583ce490 sudo-python-plugin-1.9.5p2-10.el9_4.3.s390x.rpm SHA-256: 09b4539120d810e2e59de281edf918773a76bed31e0cdae5c1826189312b9450 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_4.3.s390x.rpm SHA-256: 598dd939ceccf02bcc64177ca11b358945c74b78fb2836a965289e1aab91f7a0 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_4.3.s390x.rpm SHA-256: 598dd939ceccf02bcc64177ca11b358945c74b78fb2836a965289e1aab91f7a0 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 SRPM sudo-1.9.5p2-10.el9_4.3.src.rpm SHA-256: 72b2e2589724304b9b6792f432f44ecb9539cb0cb201360a550bb96262adcc63 ppc64le sudo-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: d1fd0e4a4b1e227848741744103d6f1aaa87829b2619bca32e331c125d911b57 sudo-debuginfo-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: 091f9c7db2ef90812f6b60e16a559639bad72f29fe46981c278a39f69eeac26d sudo-debuginfo-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: 091f9c7db2ef90812f6b60e16a559639bad72f29fe46981c278a39f69eeac26d sudo-debugsource-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: f826974bcc11aa88d4012f89e25f1acc8a19dfd6ec996c7b42652a51a446ba01 sudo-debugsource-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: f826974bcc11aa88d4012f89e25f1acc8a19dfd6ec996c7b42652a51a446ba01 sudo-python-plugin-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: fcde2ba9862ea556efb7da9df5bb6ce0a862c72c4fbe7701311e2d9ae59f5478 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: 03646b38fbcf3d4c97cdd86758c08de26d85d91b9a3d1352d1f88026a8ef7cc5 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: 03646b38fbcf3d4c97cdd86758c08de26d85d91b9a3d1352d1f88026a8ef7cc5 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 SRPM sudo-1.9.5p2-10.el9_4.3.src.rpm SHA-256: 72b2e2589724304b9b6792f432f44ecb9539cb0cb201360a550bb96262adcc63 aarch64 sudo-1.9.5p2-10.el9_4.3.aarch64.rpm SHA-256: 8969e448d73fd7857f85269ce44eaa09ff6b5c2a4b6c9b69635f8a18a29a7357 sudo-debuginfo-1.9.5p2-10.el9_4.3.aarch64.rpm SHA-256: eacb23ab95e2a1903742415fbf4e5cf974f254e57bcd687dc39b6f6d25c66973 sudo-debuginfo-1.9.5p2-10.el9_4.3.aarch64.rpm SHA-256: eacb23ab95e2a1903742415fbf4e5cf974f254e57bcd687dc39b6f6d25c66973 sudo-debugsource-1.9.5p2-10.el9_4.3.aarch64.rpm SHA-256: d20cbfd3991c685c35d4269b6ed1f62fc0430fb8f0d85e993859cc0202629ea0 sudo-debugsource-1.9.5p2-10.el9_4.3.aarch64.rpm SHA-256: d20cbfd3991c685c35d4269b6ed1f62fc0430fb8f0d85e993859cc0202629ea0 sudo-python-plugin-1.9.5p2-10.el9_4.3.aarch64.rpm SHA-256: 4209bd49007da3c89cc50a07fe68d4a3256c834c5069cf049348bfb92faa173c sudo-python-plugin-debuginfo-1.9.5p2-10.el9_4.3.aarch64.rpm SHA-256: e1dc4a68430c57ab3760a578e9311c281cf57282a1089c66b8de0b079a53c8db sudo-python-plugin-debuginfo-1.9.5p2-10.el9_4.3.aarch64.rpm SHA-256: e1dc4a68430c57ab3760a578e9311c281cf57282a1089c66b8de0b079a53c8db Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 SRPM sudo-1.9.5p2-10.el9_4.3.src.rpm SHA-256: 72b2e2589724304b9b6792f432f44ecb9539cb0cb201360a550bb96262adcc63 ppc64le sudo-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: d1fd0e4a4b1e227848741744103d6f1aaa87829b2619bca32e331c125d911b57 sudo-debuginfo-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: 091f9c7db2ef90812f6b60e16a559639bad72f29fe46981c278a39f69eeac26d sudo-debuginfo-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: 091f9c7db2ef90812f6b60e16a559639bad72f29fe46981c278a39f69eeac26d sudo-debugsource-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: f826974bcc11aa88d4012f89e25f1acc8a19dfd6ec996c7b42652a51a446ba01 sudo-debugsource-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: f826974bcc11aa88d4012f89e25f1acc8a19dfd6ec996c7b42652a51a446ba01 sudo-python-plugin-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: fcde2ba9862ea556efb7da9df5bb6ce0a862c72c4fbe7701311e2d9ae59f5478 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: 03646b38fbcf3d4c97cdd86758c08de26d85d91b9a3d1352d1f88026a8ef7cc5 sudo-python-plugin-debuginfo-1.9.5p2-10.el9_4.3.ppc64le.rpm SHA-256: 03646b38fbcf3d4c97cdd86758c08de26d85d91b9a3d1352d1f88026a8ef7cc5 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 SRPM sudo-1.9.5p2-10.el9_4.3.src.rpm SHA-256: 72b2e2589724304b9b6792f432f44ecb9539cb0cb201360a550bb96262adcc63 x86_64 sudo-1.9.5p2-10.el9_4.3.x86_64.rpm SHA-256: e28671d551