[SECURITY] [DLA 4614-1] sudo security update

Debian LTS Advisory DLA-4614-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson June 04, 2026 https://wiki.debian.org/LTS Package : sudo Version : 1.9.5p2-3+deb11u4 CVE ID : CVE-2026-35535 Debian Bug : 1130593 Qualys released an advisory called CrackArmor...

Debian dla-4614 : sudo - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4614 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4614-1 [email protected] https://www.debian.org/lts/security/...

Fedora 43 : pie (2026-b2fe14ec86)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-b2fe14ec86 advisory. Version 1.4.5 This release contains vulnerability fixes for the following security advisories: - GHSA-h842-vjwg-pxxx - Sudo-elevated arbitrary file deletion...

Fedora 44 : pie (2026-e5d5fc359d)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e5d5fc359d advisory. Version 1.4.5 This release contains vulnerability fixes for the following security advisories: - GHSA-h842-vjwg-pxxx - Sudo-elevated arbitrary file deletion...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.18.43 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.43 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

Linux-privesc-PoC

Linux Privilege Escalation PoC Lab Educational disclaimer...

Exploit for OS Command Injection in Gnu Bash

HackTheBox: Shocker Writeup A structured and professional walk...

MAL-2026-5142 Malicious code in @redhat-cloud-services/insights-client (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

sudo security update

An update is available for sudo. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sudo packages contain the sudo utility which allows system administrators t...

RLSA-2026:19067 Important: sudo security update

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fixes: sudo: Sudo: Privilege escalation due to failu...

RockyLinux 10 : sudo (RLSA-2026:19067)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19067 advisory. sudo: Sudo: Privilege escalation due to failure in privilege drop calls CVE-2026-35535 Tenable has extracted the preceding description block directly from the...

RLSA-2026:19220 Important: sudo security update

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fixes: sudo: Sudo: Privilege escalation due to failu...

sudo security update

An update is available for sudo. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The sudo packages contain the sudo utility which allows system administrators to...

RockyLinux 9 : sudo (RLSA-2026:19220)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19220 advisory. sudo: Sudo: Privilege escalation due to failure in privilege drop calls CVE-2026-35535 Tenable has extracted the preceding description block directly from the...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.19.32 bug fix and security update

Red Hat OpenShift Container Platform release 4.19.32 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...

TencentOS Server 3: sudo (TSSA-2026:0349)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0349 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

MAL-2026-4697 Malicious code in twokey (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 20c6d8e22fd03dd5ff39bac81bcbffd05db3b2a08dcf9768332094ffcca4eebd The package's postinstall hook unconditionally executes node bin/twokey.js --desktop --enable-autostart, which performs three install-time actions...

RHSA-2026:19220 Red Hat Security Advisory: sudo security update

Bulletin has no description...

RHSA-2026:19067 Red Hat Security Advisory: sudo security update

Bulletin has no description...

Astra Linux - уязвимость в sudo

Before version 1.9.13, sudo did not escape control characters in the sudoreplay output...