Security Advisory

CVE-2021-23240

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-12 08:17:44

Last updated 2024-08-03 19:05:54

Assigner mitre

State PUBLISHED

Description

selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.

← Browse all CVEs View on cve.org ↗