sudo-1.9.17p2-3.el9

エラータID: AXSA:2026-852:04

Release date: 
Wednesday, June 24, 2026 - 05:10
Subject: 
sudo-1.9.17p2-3.el9
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
High
Description: 

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root.

Security Fix(es):

* sudo: Sudo: Privilege escalation due to failure in privilege drop calls (CVE-2026-35535)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2026-35535
In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.

Solution: 

Update packages.

Additional Info: 

N/A

Download: 

SRPMS
  1. sudo-1.9.17p2-3.el9.src.rpm
    MD5: 41e112c656b420aefc18f983fa89e256
    SHA-256: 4eaf06041a24b225c98a8f3eadb401e3525d70d1062fc5176d7477c79e8c469a
    Size: 5.22 MB

Asianux Server 9 for x86_64
  1. sudo-1.9.17p2-3.el9.x86_64.rpm
    MD5: 1542fe573cfdb1aacca97d2721a7976b
    SHA-256: a9948ed17ba128520f935b57a9a12dab5615a2a78667726f865d6113b3f0f780
    Size: 1.33 MB
  2. sudo-python-plugin-1.9.17p2-3.el9.x86_64.rpm
    MD5: 7e3b9d86cae0d792be3c4a57f7d64dd1
    SHA-256: 185e389a013890109588444df9b7da89801ebf96c86f9b75403fb01a55be9347
    Size: 53.50 kB