Hello
I noticed you did initiate a thread per the recommendation in the case.
Since I work as a liaison with the AIX OSS team, I try to keep an eye on case-to-forum transitions.
I am providing the info I had shared in the case, as reference, and the team may have additional comments.
As mentioned, IBM (AIX or AIX Toolbox for Linux Applications) does not provide that file set, so cannot make any official assessments about this.
Since the version is vulnerable, I would think it is best to uninstall it.
If you do not want to remove it, you could compare the package listing to lslpp -f sudo.rte, to see if there are any conflicts.
# rpm -qpl http://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/sudo/sudo-1.9.5p2-1.aix6.1.ppc.rpm
/etc/rc.d/init.d/sudo
/etc/rc.d/rc2.d/S90sudo
/etc/sudoers
/etc/sudoers.d
/opt/freeware/bin/sudo
/opt/freeware/bin/sudo_32
/opt/freeware/bin/sudo_64
/opt/freeware/bin/sudoedit
/opt/freeware/bin/sudoedit_32
/opt/freeware/bin/sudoedit_64
/opt/freeware/bin/sudoreplay
/opt/freeware/bin/sudoreplay_32
/opt/freeware/bin/sudoreplay_64
/opt/freeware/doc/sudo-1.9.5p2
/opt/freeware/doc/sudo-1.9.5p2/HISTORY
/opt/freeware/doc/sudo-1.9.5p2/INSTALL
/opt/freeware/doc/sudo-1.9.5p2/LICENSE
/opt/freeware/doc/sudo-1.9.5p2/NEWS
/opt/freeware/doc/sudo-1.9.5p2/README
/opt/freeware/doc/sudo-1.9.5p2/README.LDAP
/opt/freeware/doc/sudo-1.9.5p2/TROUBLESHOOTING
/opt/freeware/doc/sudo-1.9.5p2/UPGRADE
/opt/freeware/include/sudo_plugin.h
/opt/freeware/libexec/sudo
/opt/freeware/libexec/sudo/audit_json.la
/opt/freeware/libexec/sudo/audit_json.so
/opt/freeware/libexec/sudo/group_file.la
/opt/freeware/libexec/sudo/group_file.so
/opt/freeware/libexec/sudo/libsudo_util.la
/opt/freeware/libexec/sudo/libsudo_util.so
/opt/freeware/libexec/sudo/libsudo_util.so.0
/opt/freeware/libexec/sudo/libsudo_util.so.0.0.0
/opt/freeware/libexec/sudo/sample_approval.la
/opt/freeware/libexec/sudo/sample_approval.so
/opt/freeware/libexec/sudo/sudo_noexec.la
/opt/freeware/libexec/sudo/sudo_noexec.so
/opt/freeware/libexec/sudo/sudoers.la
/opt/freeware/libexec/sudo/sudoers.so
/opt/freeware/libexec/sudo/system_group.la
/opt/freeware/libexec/sudo/system_group.so
/opt/freeware/libexec64/sudo
/opt/freeware/libexec64/sudo/audit_json.la
/opt/freeware/libexec64/sudo/audit_json.so
/opt/freeware/libexec64/sudo/group_file.la
/opt/freeware/libexec64/sudo/group_file.so
/opt/freeware/libexec64/sudo/libsudo_util.la
/opt/freeware/libexec64/sudo/libsudo_util.so
/opt/freeware/libexec64/sudo/libsudo_util.so.0
/opt/freeware/libexec64/sudo/libsudo_util.so.0.0.0
/opt/freeware/libexec64/sudo/sample_approval.la
/opt/freeware/libexec64/sudo/sample_approval.so
/opt/freeware/libexec64/sudo/sudo_noexec.la
/opt/freeware/libexec64/sudo/sudo_noexec.so
/opt/freeware/libexec64/sudo/sudoers.la
/opt/freeware/libexec64/sudo/sudoers.so
/opt/freeware/libexec64/sudo/system_group.la
/opt/freeware/libexec64/sudo/system_group.so
/opt/freeware/man/man5/sudo.conf.5
/opt/freeware/man/man5/sudo_logsrv.proto.5
/opt/freeware/man/man5/sudo_logsrvd.conf.5
/opt/freeware/man/man5/sudoers.5
/opt/freeware/man/man5/sudoers.ldap.5
/opt/freeware/man/man5/sudoers_timestamp.5
/opt/freeware/man/man8/sudo.8
/opt/freeware/man/man8/sudoedit.8
/opt/freeware/man/man8/sudoreplay.8
/opt/freeware/man/man8/visudo.8
/opt/freeware/sbin/visudo
/opt/freeware/sbin/visudo_32
/opt/freeware/sbin/visudo_64
/usr/bin/sudo
/usr/bin/sudo_32
/usr/bin/sudo_64
/usr/bin/sudoedit
/usr/bin/sudoedit_32
/usr/bin/sudoedit_64
/usr/bin/sudoreplay
/usr/bin/sudoreplay_32
/usr/bin/sudoreplay_64
/usr/sbin/visudo
/usr/sbin/visudo_32
/usr/sbin/visudo_64
/var/lib/sudo
/var/lib/sudo/lectured
/var/run/sudo
------------------------------
Jan Harris
------------------------------
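The comparison suggested in the reply above (the rpm -qpl listing against lslpp -f sudo.rte), as an added example that is not part of the original posts and not IBM tooling. The function names are hypothetical, the lslpp -f layout ("Path:" header lines, "link -> target" for symlinks) is an assumption, and the sample inputs are constructed, not the real sudo.rte contents.

```shell
#!/bin/sh
# Added example (not IBM's tooling): report paths that an RPM would install
# and that an installed AIX fileset already owns.

# Absolute paths from `lslpp -f` style output, one per line. Assumed layout:
# "Path: <ODM dir>" header lines, and "link -> target" for symlinks.
lslpp_paths() {
    awk '$1 == "Path:" { next }
         { for (i = 1; i <= NF; i++) {
               if ($i == "->") break
               if (substr($i, 1, 1) == "/") print $i
           } }' "$1" | LC_ALL=C sort -u
}

# Absolute paths from an `rpm -qpl` listing (one path per line).
rpm_paths() { grep '^/' "$1" | LC_ALL=C sort -u; }

# find_conflicts RPM_LIST LSLPP_OUT -> paths present in both listings.
find_conflicts() {
    t=${TMPDIR:-/tmp}/pathcmp.$$
    rpm_paths "$1" > "$t.rpm"
    lslpp_paths "$2" > "$t.lpp"
    LC_ALL=C comm -12 "$t.rpm" "$t.lpp"
    rm -f "$t.rpm" "$t.lpp"
}

# Constructed sample inputs; the lslpp lines are NOT the real sudo.rte contents.
demo_conflicts() {
    d=${TMPDIR:-/tmp}/pathcmp_demo.$$
    mkdir -p "$d"
    printf '%s\n' /etc/sudoers /opt/freeware/bin/sudo /usr/bin/sudo \
        /usr/sbin/visudo /var/lib/sudo > "$d/rpm.txt"
    cat > "$d/lslpp.txt" <<'EOF'
  Fileset               File
  ----------------------------------------------------------------
Path: /usr/lib/objrepos
  sudo.rte 1.8.20.2     /usr/bin/sudo
                        /usr/sbin/visudo -> /usr/example/visudo
Path: /etc/objrepos
  sudo.rte 1.8.20.2     /etc/sudoers
EOF
    find_conflicts "$d/rpm.txt" "$d/lslpp.txt"
    rm -rf "$d"
}

demo_conflicts
```

On a real system, save the output of each command to a file and pass the two files to find_conflicts; any path it prints is claimed by both packages.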
Original Message:
Sent: Tue July 27, 2021 02:25 PM
From: Nag N
Subject: Sudo.rte with vulnerability
We upgraded from AIX 6.1 to 7.2 and found that the server had vulnerabilities on sudo.rte. AIX 6.1 is not up to date as it is out of scope.
Currently the server has the sudo version below with AIX 7.2. Can I directly install the rpm package sudo_ids-1.9.5p2-1.ppc, or do I have to remove sudo.rte before installing sudo_ids-1.9.5p2-1.ppc?
--> lslpp -l |grep sudo
sudo.rte 1.8.20.2 COMMITTED Configurable super-user
sudo.rte 1.8.20.2 COMMITTED Configurable super-user
--> oslevel -s
7200-04-01-1939
------------------------------
Nag N
------------------------------