CVE-2021-23240
First published: Tue Jan 12 2021(Updated: )
selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sudo Project Sudo | <1.8.32 | |
| Sudo Project Sudo | >=1.9.0<1.9.5 | |
| netapp hci management node | ||
| netapp solidfire | ||
| Fedoraproject Fedora | =32 | |
| Fedoraproject Fedora | =33 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.suse.com/show_bug.cgi?id=CVE-2021-23240
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EE42Y35SMJOLONAIBNYNFC7J44UUZ2Y6/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GMY4VSSBIND7VAYSN6T7XIWJRWG4GBB3/
- https://security.gentoo.org/glsa/202101-33
- https://security.netapp.com/advisory/ntap-20210129-0010/
- https://www.sudo.ws/stable.html#1.9.5
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EE42Y35SMJOLONAIBNYNFC7J44UUZ2Y6/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GMY4VSSBIND7VAYSN6T7XIWJRWG4GBB3/
- https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
- https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
Frequently Asked Questions
What is CVE-2021-23240?
CVE-2021-23240 is a vulnerability in sudoedit in Sudo before 1.9.5 that allows a local unprivileged user to gain file ownership and escalate privileges.
How does CVE-2021-23240 affect SELinux RBAC support in permissive mode?
CVE-2021-23240 affects SELinux RBAC support in permissive mode by allowing the user to replace a temporary file with a symlink to an arbitrary file target, gaining file ownership and escalating privileges.
Which versions of Sudo are affected by CVE-2021-23240?
Versions of Sudo before 1.9.5 are affected by CVE-2021-23240.
Are machines without SELinux affected by CVE-2021-23240?
Machines without SELinux are not affected by CVE-2021-23240.
What is the severity of CVE-2021-23240?
CVE-2021-23240 has a severity rating of 7.8 (high).
What is the Common Weakness Enumeration (CWE) ID for CVE-2021-23240?
The Common Weakness Enumeration (CWE) ID for CVE-2021-23240 is 59.
Where can I find more information about CVE-2021-23240?
You can find more information about CVE-2021-23240 at the following references: [1] [2] [3]
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/remedy
- agent/references
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/sudo project
- canonical/sudo project sudo
- version/sudo project sudo/1.9.0
- vendor/netapp
- canonical/netapp hci management node
- canonical/netapp solidfire
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/32
- version/fedoraproject fedora/33