3 matches found
Exploit for CVE-2024-31969
📌 CVE-2024-31969 CVE-2024-31969 adalah kerentanan local...
CVE-2024-31969
CVE-2024-31969 is a local privilege-escalation in sudo via sudoedit. The flaw, introduced in sudo 1.9.0, stems from improper validation of user environment variables and file ownership in sudoedit, enabling a local user with sudoedit access to modify files as root (e.g., via SUDO_EDITOR or symlin...
Important: sudo
Issue Overview: In sudo-1.8.23-10.amzn2.3.6 Amazon Linux 2 and sudo-1.8.23-10.58.amzn1 Amazon Linux 1, a user with an entry in the sudoers file, enabling them to run commands as another unprivileged user, can leverage it to run commands as root. No prior versions are affected. This issue has been...