CVE-2021-23240

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-23240

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-23240.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-23240

Downstream

ALPINE-CVE-2021-23240

DEBIAN-CVE-2021-23240

OESA-2021-1002

RHSA-2021:1723

SUSE-SU-2021:0225-1

SUSE-SU-2021:0226-1

SUSE-SU-2021:0227-1

UBUNTU-CVE-2021-23240

openSUSE-SU-2021:0169-1

openSUSE-SU-2021:0170-1

openSUSE-SU-2024:11413-1

Related

Published

2021-01-12T09:15:14Z

Modified

2025-11-09T15:12:21.815056Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

selinuxeditcopy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.

References

Affected packages

Git / github.com/millert/sudo

Affected ranges

Type: GIT
Repo: https://github.com/millert/sudo
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

caa666c2dfa1f4286ccfbed5e512432665b72d3a

Git / github.com/sudo-project/sudo

Affected ranges

Type: GIT
Repo: https://github.com/sudo-project/sudo
Events: Introduced

83d1bee918147a57804de77d3e1064a4e323f47e

Fixed

10d072a320c885e2e805ef2e47fe7a2ebde68abc

Affected versions

Other

SUDO_1_9_0

SUDO_1_9_1

SUDO_1_9_2

SUDO_1_9_3

SUDO_1_9_3p1

SUDO_1_9_4

SUDO_1_9_4p1

SUDO_1_9_4p2

v1.*

v1.9.0

v1.9.1

v1.9.2

v1.9.3

v1.9.3p1

v1.9.4

v1.9.4p1

v1.9.4p2