CVE-2021-23240 – selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user …

Vuln ID: CVE-2021-23240

Published:  2021-01-12  09:15:14Z

Description: selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local unprivileged user to gain file ownership and escalate privileges by replacing a temporary file with a symlink to an arbitrary file target. This affects SELinux RBAC support in permissive mode. Machines without SELinux are not vulnerable.

Source: NVD.NIST.GOV