selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-01-12T08:17:44
Updated: 2021-06-29T14:09:27
Reserved: 2021-01-07T00:00:00
Link: CVE-2021-23240
JSON object: View
NVD Information
Status : Modified
Published: 2021-01-12T09:15:14.107
Modified: 2023-11-07T03:30:50.347
Link: CVE-2021-23240
JSON object: View
Redhat Information
No data.
CWE