Red Hat Product Errata RHSA-2026:19220 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19220 - Security Advisory Overview Updated Packages Synopsis Important: sudo security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for sudo is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fix(es): sudo: Sudo: Privilege escalation due to failure in privilege drop calls (CVE-2026-35535) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Fixes BZ - 2454714 - CVE-2026-35535 sudo: Sudo: Privilege escalation due to failure in privilege drop calls CVEs CVE-2026-35535 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM sudo-1.9.17p2-3.el9_8.src.rpm SHA-256: 2456676c74a050ef460a1284e524f636c0f2ba8d5de457f06e6289a0c55caad2 x86_64 sudo-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: e10a032753c5c02ab918409cafa7dbd21132dda98fa0405345d87c25b8c1a276 sudo-debuginfo-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: b13eb2e5902f13695ec5f226b78394cfb5907ed91cce5dd86089b1e2c40c5658 sudo-debuginfo-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: b13eb2e5902f13695ec5f226b78394cfb5907ed91cce5dd86089b1e2c40c5658 sudo-debugsource-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: 5ac086e39d5433307bfa310129da93b3d5cc833ed3944cf19d6d3f04170080d9 sudo-debugsource-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: 5ac086e39d5433307bfa310129da93b3d5cc833ed3944cf19d6d3f04170080d9 sudo-python-plugin-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: 0beda5820da87303cb9ced548aa2435e14b6dda73b6f85a1090f906de8ae63c8 sudo-python-plugin-debuginfo-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: 1fa6d8f3cc9f9f0e9e180ee8939fa2157861046eb1c4eb8cea0179418fa226e3 sudo-python-plugin-debuginfo-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: 1fa6d8f3cc9f9f0e9e180ee8939fa2157861046eb1c4eb8cea0179418fa226e3 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM sudo-1.9.17p2-3.el9_8.src.rpm SHA-256: 2456676c74a050ef460a1284e524f636c0f2ba8d5de457f06e6289a0c55caad2 x86_64 sudo-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: e10a032753c5c02ab918409cafa7dbd21132dda98fa0405345d87c25b8c1a276 sudo-debuginfo-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: b13eb2e5902f13695ec5f226b78394cfb5907ed91cce5dd86089b1e2c40c5658 sudo-debuginfo-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: b13eb2e5902f13695ec5f226b78394cfb5907ed91cce5dd86089b1e2c40c5658 sudo-debugsource-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: 5ac086e39d5433307bfa310129da93b3d5cc833ed3944cf19d6d3f04170080d9 sudo-debugsource-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: 5ac086e39d5433307bfa310129da93b3d5cc833ed3944cf19d6d3f04170080d9 sudo-python-plugin-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: 0beda5820da87303cb9ced548aa2435e14b6dda73b6f85a1090f906de8ae63c8 sudo-python-plugin-debuginfo-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: 1fa6d8f3cc9f9f0e9e180ee8939fa2157861046eb1c4eb8cea0179418fa226e3 sudo-python-plugin-debuginfo-1.9.17p2-3.el9_8.x86_64.rpm SHA-256: 1fa6d8f3cc9f9f0e9e180ee8939fa2157861046eb1c4eb8cea0179418fa226e3 Red Hat Enterprise Linux for IBM z Systems 9 SRPM sudo-1.9.17p2-3.el9_8.src.rpm SHA-256: 2456676c74a050ef460a1284e524f636c0f2ba8d5de457f06e6289a0c55caad2 s390x sudo-1.9.17p2-3.el9_8.s390x.rpm SHA-256: a4ec6bd269b0bb6ac877b0a33f072609c8e4b8b9eac69e9af7de0606d1c2435e sudo-debuginfo-1.9.17p2-3.el9_8.s390x.rpm SHA-256: 9bd8dd63f7215c39bc93e768e749f9ffbde3bc1ccb1ed52a149390de4f429ea0 sudo-debuginfo-1.9.17p2-3.el9_8.s390x.rpm SHA-256: 9bd8dd63f7215c39bc93e768e749f9ffbde3bc1ccb1ed52a149390de4f429ea0 sudo-debugsource-1.9.17p2-3.el9_8.s390x.rpm SHA-256: 4d09d4f1a1aa14a5455edcf588367b6fcf6760f6804c37f78fc306d3dccd0a50 sudo-debugsource-1.9.17p2-3.el9_8.s390x.rpm SHA-256: 4d09d4f1a1aa14a5455edcf588367b6fcf6760f6804c37f78fc306d3dccd0a50 sudo-python-plugin-1.9.17p2-3.el9_8.s390x.rpm SHA-256: 1a4cf0291261d1fe5197c4f636a57970471984b9ec4b8628006d57b0b306887e sudo-python-plugin-debuginfo-1.9.17p2-3.el9_8.s390x.rpm SHA-256: adc7c55d40bdb897d8d69e757a4c13f2ae9122742ca66bfec43aaeed227009e0 sudo-python-plugin-debuginfo-1.9.17p2-3.el9_8.s390x.rpm SHA-256: adc7c55d40bdb897d8d69e757a4c13f2ae9122742ca66bfec43aaeed227009e0 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM sudo-1.9.17p2-3.el9_8.src.rpm SHA-256: 2456676c74a050ef460a1284e524f636c0f2ba8d5de457f06e6289a0c55caad2 s390x sudo-1.9.17p2-3.el9_8.s390x.rpm SHA-256: a4ec6bd269b0bb6ac877b0a33f072609c8e4b8b9eac69e9af7de0606d1c2435e sudo-debuginfo-1.9.17p2-3.el9_8.s390x.rpm SHA-256: 9bd8dd63f7215c39bc93e768e749f9ffbde3bc1ccb1ed52a149390de4f429ea0 sudo-debuginfo-1.9.17p2-3.el9_8.s390x.rpm SHA-256: 9bd8dd63f7215c39bc93e768e749f9ffbde3bc1ccb1ed52a149390de4f429ea0 sudo-debugsource-1.9.17p2-3.el9_8.s390x.rpm SHA-256: 4d09d4f1a1aa14a5455edcf588367b6fcf6760f6804c37f78fc306d3dccd0a50 sudo-debugsource-1.9.17p2-3.el9_8.s390x.rpm SHA-256: 4d09d4f1a1aa14a5455edcf588367b6fcf6760f6804c37f78fc306d3dccd0a50 sudo-python-plugin-1.9.17p2-3.el9_8.s390x.rpm SHA-256: 1a4cf0291261d1fe5197c4f636a57970471984b9ec4b8628006d57b0b306887e sudo-python-plugin-debuginfo-1.9.17p2-3.el9_8.s390x.rpm SHA-256: adc7c55d40bdb897d8d69e757a4c13f2ae9122742ca66bfec43aaeed227009e0 sudo-python-plugin-debuginfo-1.9.17p2-3.el9_8.s390x.rpm SHA-256: adc7c55d40bdb897d8d69e757a4c13f2ae9122742ca66bfec43aaeed227009e0 Red Hat Enterprise Linux for Power, little endian 9 SRPM sudo-1.9.17p2-3.el9_8.src.rpm SHA-256: 2456676c74a050ef460a1284e524f636c0f2ba8d5de457f06e6289a0c55caad2 ppc64le sudo-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: 8a7c40b9a1acf62339b4014d2915c7605a64bb4726362f251f58e57c54a76848 sudo-debuginfo-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: 39d3ea84f54fdd65cbc66d3461ca91c44887199f7a4096b8060ff5c22707767e sudo-debuginfo-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: 39d3ea84f54fdd65cbc66d3461ca91c44887199f7a4096b8060ff5c22707767e sudo-debugsource-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: f0cb12dfe18e99a630cdab69d8dadeb54c128e068055c42c491905e59a10ce89 sudo-debugsource-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: f0cb12dfe18e99a630cdab69d8dadeb54c128e068055c42c491905e59a10ce89 sudo-python-plugin-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: 54ac7fdb46e41c1ad6cc69a5fb778181858b7e4305b26f1a6b7891cb2dc740df sudo-python-plugin-debuginfo-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: 2b6ded59db6e8a7e5372bf406c36f4b150c2db1939e743bd2eba12167abce609 sudo-python-plugin-debuginfo-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: 2b6ded59db6e8a7e5372bf406c36f4b150c2db1939e743bd2eba12167abce609 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 SRPM sudo-1.9.17p2-3.el9_8.src.rpm SHA-256: 2456676c74a050ef460a1284e524f636c0f2ba8d5de457f06e6289a0c55caad2 ppc64le sudo-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: 8a7c40b9a1acf62339b4014d2915c7605a64bb4726362f251f58e57c54a76848 sudo-debuginfo-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: 39d3ea84f54fdd65cbc66d3461ca91c44887199f7a4096b8060ff5c22707767e sudo-debuginfo-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: 39d3ea84f54fdd65cbc66d3461ca91c44887199f7a4096b8060ff5c22707767e sudo-debugsource-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: f0cb12dfe18e99a630cdab69d8dadeb54c128e068055c42c491905e59a10ce89 sudo-debugsource-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: f0cb12dfe18e99a630cdab69d8dadeb54c128e068055c42c491905e59a10ce89 sudo-python-plugin-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: 54ac7fdb46e41c1ad6cc69a5fb778181858b7e4305b26f1a6b7891cb2dc740df sudo-python-plugin-debuginfo-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: 2b6ded59db6e8a7e5372bf406c36f4b150c2db1939e743bd2eba12167abce609 sudo-python-plugin-debuginfo-1.9.17p2-3.el9_8.ppc64le.rpm SHA-256: 2b6ded59db6e8a7e5372bf406c36f4b150c2db1939e743bd2eba12167abce609 Red Hat Enterprise Linux for ARM 64 9 SRPM sudo-1.9.17p2-3.el9_8.src.rpm SHA-256: 2456676c74a050ef460a1284e524f636c0f2ba8d5de457f06e6289a0c55caad2 aarch64 sudo-1.9.17p2-3.el9_8.aarch64.rpm SHA-256: 3eff64cf403a8da64d85c5d24cece5381078a29a12cdaf41bd7729b5577839df sudo-debuginfo-1.9.17p2-3.el9_8.aarch64.rpm SHA-256: