Lucene search

K
ubuntucveUbuntu.comUB:CVE-2021-23239
HistoryJan 12, 2021 - 12:00 a.m.

CVE-2021-23239

2021-01-1200:00:00
ubuntu.com
ubuntu.com
22
cve-2021-23239
sudo
vulnerability

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS3

2.5

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

39.6%

The sudoedit personality of Sudo before 1.9.5 may allow a local
unprivileged user to perform arbitrary directory-existence tests by winning
a sudo_edit.c race condition in replacing a user-controlled directory by a
symlink to an arbitrary path.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchsudo< 1.8.21p2-3ubuntu1.4UNKNOWN
ubuntu20.04noarchsudo< 1.8.31-1ubuntu1.2UNKNOWN
ubuntu20.10noarchsudo< 1.9.1-1ubuntu1.1UNKNOWN
ubuntu21.04noarchsudo< 1.9.4p2-2ubuntu2UNKNOWN
ubuntu21.10noarchsudo< 1.9.4p2-2ubuntu2UNKNOWN
ubuntu22.04noarchsudo< 1.9.4p2-2ubuntu2UNKNOWN
ubuntu22.10noarchsudo< 1.9.4p2-2ubuntu2UNKNOWN
ubuntu23.04noarchsudo< 1.9.4p2-2ubuntu2UNKNOWN
ubuntu23.10noarchsudo< 1.9.4p2-2ubuntu2UNKNOWN
ubuntu24.04noarchsudo< 1.9.4p2-2ubuntu2UNKNOWN
Rows per page:
1-10 of 121

CVSS2

1.9

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:M/Au:N/C:P/I:N/A:N

CVSS3

2.5

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

39.6%