CVE
CVE-2021-23240
| CVE ID |
CVE-2021-23240
|
|---|---|
| CVSS Score |
7.8
|
| Operating System | |
| Affected Versions |
CentOS 7
|
| Patched Versions |
sudo-1.8.23-10_ol002.el7_9.3
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
OL CVE Issue Summary:
selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.