CVE-2022-29527
The CVE-2022-29527 issue affects Amazon AWS amazon-ssm-agent up to version 3.1.1207.x (i.e., before 3.1.1208.0). The vulnerability arises when the agent creates a world-writable sudoers file, enabling local attackers to inject sudo rules and escalate to root. The root cause is tied to a race cond...