{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-35535","assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","state":"PUBLISHED","assignerShortName":"mitre","dateReserved":"2026-04-03T02:21:32.829Z","datePublished":"2026-04-03T02:21:33.584Z","dateUpdated":"2026-07-10T12:05:55.522Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Sudo","vendor":"Sudo project","versions":[{"lessThan":"3e474c2f201484be83d994ae10a4e20e8c81bb69","status":"affected","version":"0","versionType":"git"}]}],"descriptions":[{"lang":"en","value":"In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.4,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-271","description":"CWE-271 Privilege Dropping / Lowering Errors","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre","dateUpdated":"2026-04-03T02:21:33.584Z"},"references":[{"url":"https://github.com/sudo-project/sudo/commit/3e474c2f201484be83d994ae10a4e20e8c81bb69"},{"url":"https://www.qualys.com/2026/03/10/crack-armor.txt"},{"url":"https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/2143042"},{"url":"https://bugs.debian.org/1130593"}],"x_generator":{"engine":"CVE-Request-form 0.0.1"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-04-03T00:00:00+00:00","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3","id":"CVE-2026-35535"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-04-04T03:55:19.379Z"}},{"x_adpType":"supplier","providerMetadata":{"orgId":"0b142b55-0307-4c5a-b3c9-f314f3fb7c5e","shortName":"siemens-SADP","dateUpdated":"2026-06-02T13:01:15.329Z"},"affected":[{"vendor":"Siemens","product":"RUGGEDCOM RST2428P","versions":[{"status":"affected","version":"0","lessThan":"V4.0","versionType":"custom"}],"defaultStatus":"unknown"}],"references":[{"url":"https://cert-portal.siemens.com/productcert/html/ssa-253495.html"}]},{"title":"CVE Program Container","references":[{"url":"https://lists.debian.org/debian-lts-announce/2026/06/msg00003.html"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2026-06-04T15:01:58.149Z"}},{"affected":[{"cpes":["cpe:/o:redhat:rhel_els:6"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux Server -EXTENSION(v. 6 ELS-EXTENSION)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:rhel_els:6"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux Server Optional -EXTENSION (v. 6 ELS -EXTENSION)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:rhel_els:7"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux Server (v. 7 ELS)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:rhel_els:7"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux Server Optional (v. 7 ELS)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.12::el8"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.12","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.13::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.13","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.14::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.14","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.15::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.15","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.16::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.16","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.17::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.17","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.18::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.18","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:openshift:4.19::el9"],"defaultStatus":"affected","product":"Red Hat OpenShift Container Platform 4.19","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux AppStream EUS (v. 10.0)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux AppStream (v. 10)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:rhel_e4s:9.0::appstream"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux AppStream E4S (v.9.0)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:rhel_e4s:9.2::appstream"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux AppStream E4S (v.9.2)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:rhel_eus:9.4::appstream"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux AppStream EUS (v.9.4)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:rhel_eus:9.6::appstream"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux AppStream EUS (v.9.6)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:enterprise_linux:9::appstream"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux AppStream (v. 9)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux_eus:10.0"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux BaseOS EUS (v. 10.0)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:10.1","cpe:/o:redhat:enterprise_linux:10.2"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux BaseOS (v. 10)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:8::baseos"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux BaseOS (v. 8)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:rhel_aus:8.6::baseos"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux BaseOS AUS (v.8.6)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:rhel_e4s:8.6::baseos"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.6)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:rhel_tus:8.6::baseos"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.6)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:rhel_e4s:8.8::baseos"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux BaseOS E4S (v.8.8)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:rhel_tus:8.8::baseos"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux BaseOS TUS (v.8.8)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:rhel_e4s:9.0::baseos"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.0)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:rhel_e4s:9.2::baseos"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux BaseOS E4S (v.9.2)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:rhel_eus:9.4::baseos"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.4)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:rhel_eus:9.6::baseos"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux BaseOS EUS (v.9.6)","vendor":"Red Hat"},{"cpes":["cpe:/o:redhat:enterprise_linux:9::baseos"],"defaultStatus":"affected","product":"Red Hat Enterprise Linux BaseOS (v. 9)","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:ai_inference_server:3.3::el9"],"defaultStatus":"affected","product":"Red Hat AI Inference Server 3.3","vendor":"Red Hat"},{"cpes":["cpe:/a:redhat:rhui:5::el9"],"defaultStatus":"affected","product":"Red Hat Update Infrastructure 5","vendor":"Red Hat"}],"datePublic":"2026-04-03T02:21:33.584Z","descriptions":[{"lang":"en","value":"A flaw was found in Sudo. A local user could exploit a failure in the setuid, setgid, or setgroups calls, which are used to drop privileges before running the mailer. This oversight allows for privilege escalation, enabling the user to gain elevated access on the system."}],"metrics":[{"other":{"content":{"namespace":"https://access.redhat.com/security/updates/classification/","value":"Important"},"type":"Red Hat severity rating"}},{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":7.4,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS"}],"problemTypes":[{"descriptions":[{"cweId":"CWE-272","description":"Least Privilege Violation","lang":"en","type":"CWE"}]}],"references":[{"tags":["vdb-entry","x_refsource_REDHAT"],"url":"https://access.redhat.com/security/cve/CVE-2026-35535"},{"name":"RHBZ#2454714","tags":["issue-tracking","x_refsource_REDHAT"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2454714"},{"tags":["x_sadp-csaf-vex"],"url":"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-35535.json"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:13896"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:13895"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:21695"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:21690"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:28887"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:23233"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:20087"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:34098"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:21656"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:20040"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:13888"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:10758"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:19067"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:13731"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:13891"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:14437"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:13889"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:12310"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:19220"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:11521"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:14228"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:13892"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:30088"},{"tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2026:21275"}],"solutions":[{"lang":"en","value":"RHSA-2026:13896: Red Hat Enterprise Linux Server -EXTENSION(v. 6 ELS-EXTENSION), Red Hat Enterprise Linux Server Optional -EXTENSION (v. 6 ELS -EXTENSION)"},{"lang":"en","value":"RHSA-2026:13895: Red Hat Enterprise Linux Server (v. 7 ELS), Red Hat Enterprise Linux Server Optional (v. 7 ELS)"},{"lang":"en","value":"RHSA-2026:21695: Red Hat OpenShift Container Platform 4.12"},{"lang":"en","value":"RHSA-2026:21690: Red Hat OpenShift Container Platform 4.13"},{"lang":"en","value":"RHSA-2026:28887: Red Hat OpenShift Container Platform 4.14"},{"lang":"en","value":"RHSA-2026:23233: Red Hat OpenShift Container Platform 4.15"},{"lang":"en","value":"RHSA-2026:20087: Red Hat OpenShift Container Platform 4.16"},{"lang":"en","value":"RHSA-2026:34098: Red Hat OpenShift Container Platform 4.17"},{"lang":"en","value":"RHSA-2026:21656: Red Hat OpenShift Container Platform 4.18"},{"lang":"en","value":"RHSA-2026:20040: Red Hat OpenShift Container Platform 4.19"},{"lang":"en","value":"RHSA-2026:13888: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux BaseOS EUS (v. 10.0)"},{"lang":"en","value":"RHSA-2026:10758: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10)"},{"lang":"en","value":"RHSA-2026:19067: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10)"},{"lang":"en","value":"RHSA-2026:13731: Red Hat Enterprise Linux AppStream E4S (v.9.0), Red Hat Enterprise Linux BaseOS E4S (v.9.0)"},{"lang":"en","value":"RHSA-2026:13891: Red Hat Enterprise Linux AppStream E4S (v.9.2), Red Hat Enterprise Linux BaseOS E4S (v.9.2)"},{"lang":"en","value":"RHSA-2026:14437: Red Hat Enterprise Linux AppStream EUS (v.9.4), Red Hat Enterprise Linux BaseOS EUS (v.9.4)"},{"lang":"en","value":"RHSA-2026:13889: Red Hat Enterprise Linux AppStream EUS (v.9.6), Red Hat Enterprise Linux BaseOS EUS (v.9.6)"},{"lang":"en","value":"RHSA-2026:12310: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9)"},{"lang":"en","value":"RHSA-2026:19220: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9)"},{"lang":"en","value":"RHSA-2026:11521: Red Hat Enterprise Linux BaseOS (v. 8)"},{"lang":"en","value":"RHSA-2026:14228: Red Hat Enterprise Linux BaseOS AUS (v.8.6), Red Hat Enterprise Linux BaseOS E4S (v.8.6), Red Hat Enterprise Linux BaseOS TUS (v.8.6)"},{"lang":"en","value":"RHSA-2026:13892: Red Hat Enterprise Linux BaseOS E4S (v.8.8), Red Hat Enterprise Linux BaseOS TUS (v.8.8)"},{"lang":"en","value":"RHSA-2026:30088: Red Hat AI Inference Server 3.3"},{"lang":"en","value":"RHSA-2026:21275: Red Hat Update Infrastructure 5"}],"timeline":[{"lang":"en","time":"2026-04-03T03:01:03.124Z","value":"Reported to Red Hat."},{"lang":"en","time":"2026-04-03T02:21:33.584Z","value":"Made public."}],"title":"sudo: Sudo: Privilege escalation due to failure in privilege drop calls","x_adpType":"supplier","x_generator":{"engine":"sadp-cli 1.0.0"},"providerMetadata":{"orgId":"0b0ca135-0b70-47e7-9f44-1890c2a1c46c","shortName":"redhat-SADP","dateUpdated":"2026-07-10T12:05:55.522Z"}}]}}