CVE-2021-23239
The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.
Link Following
Vendor | Product | Version |
---|---|---|
sudo_project | sudo | 𝑥 < 1.8.32 |
sudo_project | sudo | 1.9.0 ≤ 𝑥 < 1.9.5 |
netapp | cloud_backup | - |
netapp | hci_management_node | - |
netapp | solidfire | - |
debian | debian_linux | 10.0 |
Debian Releases
Ubuntu Releases
Common Weakness Enumeration