CVE-2021-23240

CWE-59, CWE-367 | 7 documents | 7 sources
Severity
7.8 HIGH
EPSS
0.2%
top 54.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Jan 12
Latest update: May 24

Description

selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (2 packages)

NVD | sudo_project/sudo | 1.9.0 | 1.9.5 | +1
Debian | sudo | < 1.9.5-1 | +3

Also affects: Fedora 32, 33

Patches

🔴 Vulnerability Details

3
GHSA
GHSA-q7hf-7qcc-gmg8: selinux_edit_copy_tfiles in sudoedit in Sudo before 1 | 2022-05-24
CVEList
CVE-2021-23240: selinux_edit_copy_tfiles in sudoedit in Sudo before 1 | 2021-01-12
OSV
CVE-2021-23240: selinux_edit_copy_tfiles in sudoedit in Sudo before 1 | 2021-01-12

📋 Vendor Advisories

3
Microsoft
selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary f | 2021-01-12
Red Hat
sudo: symbolic link attack in SELinux-enabled sudoedit | 2021-01-11
Debian
CVE-2021-23240: sudo - selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivi... | 2021