9 matches found
sudo: Sudo: Privilege escalation due to failure in privilege drop calls
A flaw was found in Sudo. A local user could exploit a failure in the setuid, setgid, or setgroups calls, which are used to drop privileges before running the mailer. This oversight allows for privilege escalation, enabling the user to gain elevated access on the system...
sudo: Sudo: Privilege escalation due to failure in privilege drop calls
A flaw was found in Sudo. A local user could exploit a failure in the setuid, setgid, or setgroups calls, which are used to drop privileges before running the mailer. This oversight allows for privilege escalation, enabling the user to gain elevated access on the system...
sudo: Sudo: Privilege escalation due to failure in privilege drop calls
A flaw was found in Sudo. A local user could exploit a failure in the setuid, setgid, or setgroups calls, which are used to drop privileges before running the mailer. This oversight allows for privilege escalation, enabling the user to gain elevated access on the system...
OESA-2026-1999 sudo security update
Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. Security Fixes: In Sudo through 1.9.17p2 before 3e474c2, a failure of a setui...
OPENSUSE-SU-2026:20604-1 Security update for sudo
This update for sudo fixes the following issues: - CVE-2026-35535: unhandled failure of setuid, setgid or setgroups calls during a mailer privilege drop allows for local privilege escalation bsc1261420...
OESA-2026-1908 sudo security update
Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. Security Fixes: In Sudo through 1.9.17p2 before 3e474c2, a failure of a setui...
DEBIAN-CVE-2026-35535
In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation...
UBUNTU-CVE-2026-35535
In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation...
DEBIAN-CVE-2010-3316
The runcoprocess function in pamxauth.c in the pamxauth module in Linux-PAM aka pam before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pamxauth PAM check...