4 matches found
sudo: Sudo: Privilege escalation due to failure in privilege drop calls
A flaw was found in Sudo. A local user could exploit a failure in the setuid, setgid, or setgroups calls, which are used to drop privileges before running the mailer. This oversight allows for privilege escalation, enabling the user to gain elevated access on the system...
sudo: Sudo: Privilege escalation due to failure in privilege drop calls
A flaw was found in Sudo. A local user could exploit a failure in the setuid, setgid, or setgroups calls, which are used to drop privileges before running the mailer. This oversight allows for privilege escalation, enabling the user to gain elevated access on the system...
sudo: Sudo: Privilege escalation due to failure in privilege drop calls
A flaw was found in Sudo. A local user could exploit a failure in the setuid, setgid, or setgroups calls, which are used to drop privileges before running the mailer. This oversight allows for privilege escalation, enabling the user to gain elevated access on the system...
CVE-2026-35535
CVE-2026-35535 affects Sudo up to 1.9.17p2, before the patch identified as 3e474c2. A failure in a setuid/setgid/setgroups call during privilege drop prior to invoking the mailer is not fatal and can lead to local privilege escalation. The vulnerability is restricted to local attackers with exist...