openSUSE-SU-2026:20604-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2026:20604-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/openSUSE-SU-2026:20604-1
- Upstream
- Related
- Published
- 2026-04-22T09:56:41Z
- Modified
- 2026-04-24T18:26:16.704216Z
- Summary
- Security update for sudo
- Details
-
This update for sudo fixes the following issues:
- CVE-2026-35535: unhandled failure of
setuid,setgidorsetgroupscalls during a mailer privilege drop allows for local privilege escalation (bsc#1261420).
- CVE-2026-35535: unhandled failure of
- References
Affected packages
openSUSE:Leap 16.0 / sudo
Package
- Name
- sudo
- Purl
- pkg:rpm/opensuse/sudo&distro=openSUSE%20Leap%2016.0
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.9.17p1-160000.3.1
Ecosystem specific
{
"binaries": [
{
"system-group-sudo": "1.9.17p1-160000.3.1",
"sudo-policy-wheel-auth-self": "1.9.17p1-160000.3.1",
"sudo-policy-sudo-auth-self": "1.9.17p1-160000.3.1",
"sudo-test": "1.9.17p1-160000.3.1",
"sudo-devel": "1.9.17p1-160000.3.1",
"sudo-plugin-python": "1.9.17p1-160000.3.1",
"sudo": "1.9.17p1-160000.3.1"
}
]
}