logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2021-23239

Description

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.


Affected Software


CPE Name Name Version
sudo_project:sudo sudo project sudo 1.8.32
sudo_project:sudo sudo project sudo 1.9.5
netapp:cloud_backup netapp cloud backup -
netapp:solidfire netapp solidfire -
netapp:hci_management_node netapp hci management node -
fedoraproject:fedora fedoraproject fedora 32
fedoraproject:fedora fedoraproject fedora 33
debian:debian_linux debian debian linux 10.0

Related