rpm package

suse/sudo&distro=SUSE Linux Enterprise Micro 5.5

pkg:rpm/suse/sudo&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Vulnerabilities (3)

CVE	Sev	CVSS	Affected versions	Fixed in	Published	Description
CVE-2026-35535	Hig	7.4	< 1.9.12p1-150500.7.16.1	1.9.12p1-150500.7.16.1	Apr 3, 2026	In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.
CVE-2025-32462		—	< 1.9.12p1-150500.7.13.1	1.9.12p1-150500.7.13.1	Jun 30, 2025	Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
CVE-2023-42465		—	< 1.9.12p1-150500.7.10.1	1.9.12p1-150500.7.10.1	Dec 22, 2023	Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.

CVE-2026-35535HigApr 3, 2026
affected < 1.9.12p1-150500.7.16.1fixed 1.9.12p1-150500.7.16.1
In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.
CVE-2025-32462Jun 30, 2025
affected < 1.9.12p1-150500.7.13.1fixed 1.9.12p1-150500.7.13.1
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
CVE-2023-42465Dec 22, 2023
affected < 1.9.12p1-150500.7.10.1fixed 1.9.12p1-150500.7.10.1
Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.