Security Advisory

CVE-2021-23239

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-12 00:00:00

Last updated 2024-08-03 19:05:55

Assigner mitre

State PUBLISHED

Description

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.

← Browse all CVEs View on cve.org ↗