Advisories » MGASA-2021-0042

Updated sudo packages fix security vulnerabilities

Publication date: 17 Jan 2021
Modification date: 17 Jan 2021
Type: security
Affected Mageia releases : 7
CVE: CVE-2021-23239 , CVE-2021-23240

Description

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged
user to perform arbitrary directory-existence tests by winning a sudo_edit.c
race condition in replacing a user-controlled directory by a symlink to an
arbitrary path. (CVE-2021-23239).

selinux_edit_copy_tfiles in sudoedit in Sudo before 1.9.5 allows a local
unprivileged user to gain file ownership and escalate privileges by replacing
a temporary file with a symlink to an arbitrary file target. This affects
SELinux RBAC support in permissive mode. Machines without SELinux are not
vulnerable. (CVE-2021-23240).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=28067
• https://www.openwall.com/lists/oss-security/2021/01/11/2
• https://www.sudo.ws/stable.html
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23239
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23240

SRPMS

7/core

• sudo-1.9.5-1.mga7