CVE-2021-23240

Description

selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

7.8

Severity

High

Ecosystem

RPM

Publish Date

January 12, 2021

Modified Date

April 16, 2026

Score Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Versions