Stay Connected:

ELSA-2026-11521

ELSA-2026-11521 - sudo security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2026-04-29

Description


[1.9.5p2-1.0.1.el8_10.5]
- Fixes sudo -s unclosed sessions when use_pty option used [Orabug: 36952911]

[1.9.5p2-1.5]
RHEL 8.10.0.Z ERRATUM
- CVE-2026-35535 - Privilege escalation due to failure in privilege drop calls
Resolves: RHEL-166060

[1.9.5p2-1.3]
RHEL 8.10.0.Z ERRATUM
- sudo passes SHELL environment variable twice to the shell being executed [rhel-8]
Resolves: RHEL-127360

[1.9.5p2-1.2]
RHEL 8.10.0.Z ERRATUM
- Reintroduce cmnd_no_wait
Resolves: RHEL-51956
- Missing separator in the log
Resolves: RHEL-71913

[1.9.5p2-1.1]
RHEL 8.10.0.Z ERRATUM
- CVE-2025-32462 sudo: LPE via host option
Resolves: RHEL-100014


Related CVEs


CVE-2026-35535

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) sudo-1.9.5p2-1.0.1.el8_10.5.src.rpmfc52db0275d7102ff913ea0b7fa4008f9fae4ca7db2563c8cd9fbe555f0e64b3-ol8_aarch64_baseos_latest
sudo-1.9.5p2-1.0.1.el8_10.5.src.rpmfc52db0275d7102ff913ea0b7fa4008f9fae4ca7db2563c8cd9fbe555f0e64b3-ol8_aarch64_u10_baseos_patch
sudo-1.9.5p2-1.0.1.el8_10.5.aarch64.rpm49e8c8e79beb1859f7d5b5ad4fda3d02df203c547a1f2761e1ceda8ca7ea6bfe-ol8_aarch64_baseos_latest
sudo-1.9.5p2-1.0.1.el8_10.5.aarch64.rpm49e8c8e79beb1859f7d5b5ad4fda3d02df203c547a1f2761e1ceda8ca7ea6bfe-ol8_aarch64_u10_baseos_patch
Oracle Linux 8 (x86_64) sudo-1.9.5p2-1.0.1.el8_10.5.src.rpmfc52db0275d7102ff913ea0b7fa4008f9fae4ca7db2563c8cd9fbe555f0e64b3-ol8_x86_64_baseos_latest
sudo-1.9.5p2-1.0.1.el8_10.5.src.rpmfc52db0275d7102ff913ea0b7fa4008f9fae4ca7db2563c8cd9fbe555f0e64b3-ol8_x86_64_u10_baseos_patch
sudo-1.9.5p2-1.0.1.el8_10.5.x86_64.rpmdebceed80f4f563f2f97013aa14789dd692852d7066b02b612119e8e16d0b81f-ol8_x86_64_baseos_latest
sudo-1.9.5p2-1.0.1.el8_10.5.x86_64.rpmdebceed80f4f563f2f97013aa14789dd692852d7066b02b612119e8e16d0b81f-ol8_x86_64_u10_baseos_patch



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights