vulnerability
CentOS Linux: CVE-2021-23239: Low: sudo security and bug fix update (CESA-2021:1723)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:M/Au:N/C:P/I:N/A:N) | 2021-01-12 | 2021-06-01 | 2023-05-25 |
Severity
2
CVSS
(AV:L/AC:M/Au:N/C:P/I:N/A:N)
Published
2021-01-12
Added
2021-06-01
Modified
2023-05-25
Description
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.
Solution(s)
centos-upgrade-sudocentos-upgrade-sudo-debuginfocentos-upgrade-sudo-debugsource
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.