Wind River Support Network

HomeDefectsLIN1023-19630
Fixed

LIN1023-19630 : Security Advisory - sudo - CVE-2026-35535

Created: Apr 3, 2026    Updated: Jun 3, 2026
Resolved Date: Jun 2, 2026
Found In Version: 10.23.30.2
Fix Version: 10.23.30.18
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Userspace

Description

In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.

CVEs

  • Linkedin
  • Facebook
  • Twitter
  • Youtube