{
  "threat_severity" : "Important",
  "public_date" : "2026-04-03T02:21:33Z",
  "bugzilla" : {
    "description" : "sudo: Sudo: Privilege escalation due to failure in privilege drop calls",
    "id" : "2454714",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2454714"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.4",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-272",
  "details" : [ "In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.", "A flaw was found in Sudo. Sudo calls setuid, setgid, and setgroups to drop privileges before running the mailer, but it does not treat a failure of any of these calls as a fatal error. A local user could exploit such a failure to escalate privileges and gain elevated access on the system." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "release_date" : "2026-04-27T00:00:00Z",
    "advisory" : "RHSA-2026:10758",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10.1",
    "package" : "sudo-0:1.9.15-10.p5.el10_1"
  }, {
    "product_name" : "Red Hat Enterprise Linux 10",
    "release_date" : "2026-05-19T00:00:00Z",
    "advisory" : "RHSA-2026:19067",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10.2",
    "package" : "sudo-0:1.9.17-4.p2.el10_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 10.0 Extended Update Support",
    "release_date" : "2026-05-06T00:00:00Z",
    "advisory" : "RHSA-2026:13888",
    "cpe" : "cpe:/o:redhat:enterprise_linux_eus:10.0",
    "package" : "sudo-0:1.9.15-8.p5.el10_0.3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
    "release_date" : "2026-05-06T00:00:00Z",
    "advisory" : "RHSA-2026:13896",
    "cpe" : "cpe:/o:redhat:rhel_els:6",
    "package" : "sudo-0:1.8.6p3-29.el6_10.8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
    "release_date" : "2026-05-06T00:00:00Z",
    "advisory" : "RHSA-2026:13895",
    "cpe" : "cpe:/o:redhat:rhel_els:7",
    "package" : "sudo-0:1.8.23-10.el7_9.5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2026-04-29T00:00:00Z",
    "advisory" : "RHSA-2026:11521",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "sudo-0:1.9.5p2-1.el8_10.5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
    "release_date" : "2026-05-06T00:00:00Z",
    "advisory" : "RHSA-2026:14228",
    "cpe" : "cpe:/o:redhat:rhel_aus:8.6",
    "package" : "sudo-0:1.9.5p2-1.el8_6.3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
    "release_date" : "2026-05-06T00:00:00Z",
    "advisory" : "RHSA-2026:14228",
    "cpe" : "cpe:/o:redhat:rhel_tus:8.6",
    "package" : "sudo-0:1.9.5p2-1.el8_6.3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
    "release_date" : "2026-05-06T00:00:00Z",
    "advisory" : "RHSA-2026:14228",
    "cpe" : "cpe:/o:redhat:rhel_e4s:8.6",
    "package" : "sudo-0:1.9.5p2-1.el8_6.3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
    "release_date" : "2026-05-06T00:00:00Z",
    "advisory" : "RHSA-2026:13892",
    "cpe" : "cpe:/o:redhat:rhel_tus:8.8",
    "package" : "sudo-0:1.9.5p2-1.el8_8.3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
    "release_date" : "2026-05-06T00:00:00Z",
    "advisory" : "RHSA-2026:13892",
    "cpe" : "cpe:/o:redhat:rhel_e4s:8.8",
    "package" : "sudo-0:1.9.5p2-1.el8_8.3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2026-04-30T00:00:00Z",
    "advisory" : "RHSA-2026:12310",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "sudo-0:1.9.5p2-15.el9_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2026-05-19T00:00:00Z",
    "advisory" : "RHSA-2026:19220",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "sudo-0:1.9.17p2-3.el9_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2026-04-30T00:00:00Z",
    "advisory" : "RHSA-2026:12310",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "sudo-0:1.9.5p2-15.el9_7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2026-05-19T00:00:00Z",
    "advisory" : "RHSA-2026:19220",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "sudo-0:1.9.17p2-3.el9_8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
    "release_date" : "2026-05-05T00:00:00Z",
    "advisory" : "RHSA-2026:13731",
    "cpe" : "cpe:/a:redhat:rhel_e4s:9.0",
    "package" : "sudo-0:1.9.5p2-7.el9_0.6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
    "release_date" : "2026-05-06T00:00:00Z",
    "advisory" : "RHSA-2026:13891",
    "cpe" : "cpe:/a:redhat:rhel_e4s:9.2",
    "package" : "sudo-0:1.9.5p2-9.el9_2.4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support",
    "release_date" : "2026-05-06T00:00:00Z",
    "advisory" : "RHSA-2026:14437",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.4",
    "package" : "sudo-0:1.9.5p2-10.el9_4.3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.6 Extended Update Support",
    "release_date" : "2026-05-06T00:00:00Z",
    "advisory" : "RHSA-2026:13889",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.6",
    "package" : "sudo-0:1.9.5p2-10.el9_6.3"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4.12",
    "release_date" : "2026-06-04T00:00:00Z",
    "advisory" : "RHSA-2026:21695",
    "cpe" : "cpe:/a:redhat:openshift:4.12::el8",
    "package" : "rhcos-412.86.202605271418-0"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4.13",
    "release_date" : "2026-06-04T00:00:00Z",
    "advisory" : "RHSA-2026:21690",
    "cpe" : "cpe:/a:redhat:openshift:4.13::el9",
    "package" : "rhcos-413.92.202605271328-0"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4.15",
    "release_date" : "2026-06-11T00:00:00Z",
    "advisory" : "RHSA-2026:23233",
    "cpe" : "cpe:/a:redhat:openshift:4.15::el9",
    "package" : "rhcos-415.92.202606030318-0"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4.16",
    "release_date" : "2026-05-29T00:00:00Z",
    "advisory" : "RHSA-2026:20087",
    "cpe" : "cpe:/a:redhat:openshift:4.16::el9",
    "package" : "rhcos-416.94.202605200242-0"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4.18",
    "release_date" : "2026-06-03T00:00:00Z",
    "advisory" : "RHSA-2026:21656",
    "cpe" : "cpe:/a:redhat:openshift:4.18::el9",
    "package" : "rhcos-418.94.202605260517-0"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4.19",
    "release_date" : "2026-05-27T00:00:00Z",
    "advisory" : "RHSA-2026:20040",
    "cpe" : "cpe:/a:redhat:openshift:4.19::el9",
    "package" : "rhcos-4.19.9.6.202605201155-0"
  }, {
    "product_name" : "Red Hat Update Infrastructure 5",
    "release_date" : "2026-05-27T00:00:00Z",
    "advisory" : "RHSA-2026:21275",
    "cpe" : "cpe:/a:redhat:rhui:5::el9",
    "package" : "rhui5/installer-rhel9:1779798165"
  }, {
    "product_name" : "Red Hat Update Infrastructure 5",
    "release_date" : "2026-05-27T00:00:00Z",
    "advisory" : "RHSA-2026:21275",
    "cpe" : "cpe:/a:redhat:rhui:5::el9",
    "package" : "rhui5/rhua-rhel9:1779798222"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-35535\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-35535\nhttps://bugs.debian.org/1130593\nhttps://bugs.launchpad.net/ubuntu/+source/sudo/+bug/2143042\nhttps://github.com/sudo-project/sudo/commit/3e474c2f201484be83d994ae10a4e20e8c81bb69\nhttps://www.qualys.com/2026/03/10/crack-armor.txt" ],
  "name" : "CVE-2026-35535",
  "csaw" : false
}