sudo-1.9.5p2-15.el9_7

エラータID: AXSA:2026-535:02

Release date: 
Monday, May 4, 2026 - 16:23
Subject: 
sudo-1.9.5p2-15.el9_7
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.

Security Fix(es):

* sudo: Sudo: Privilege escalation due to failure in privilege drop calls (CVE-2026-35535)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-35535
In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.

Solution: 

Update packages.

CVEs: 
CVE-2026-35535
In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.
Additional Info: 

N/A

Download: 

SRPMS
  1. sudo-1.9.5p2-15.el9_7.src.rpm
    MD5: b6bb830571e5923c0566a1c1adf03a6f
    SHA-256: 79a78229c5601fadf7da7c780c9327108de135c7fa49827b0ee1a266a74e06a3
    Size: 3.89 MB

Asianux Server 9 for x86_64
  1. sudo-1.9.5p2-15.el9_7.x86_64.rpm
    MD5: ba49c69353e7b28e6cd2bbcf188b0d93
    SHA-256: 4f3b91384c4a1795360f6d77376f06f4b6b362f0ce4e770496c4197b1676f458
    Size: 1.04 MB
  2. sudo-python-plugin-1.9.5p2-15.el9_7.x86_64.rpm
    MD5: a15b45decea02a7cd49ccb74239ada13
    SHA-256: 2c9be2f14ad627c250d12e28cdf9a61a72c2434f3a9b09921a08eb7de60b0702
    Size: 51.60 kB