Oval Definition:oval:org.opensuse.security:def:92749
Revision Date:2021-01-26Version:1
Title:Security update for sudo (Important)
Description:

This update for sudo fixes the following issues:

- A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges [bsc#1181090,CVE-2021-3156] - It was possible for a user to test for the existence of a directory due to a Race Condition in `sudoedit` [bsc#1180684,CVE-2021-23239] - A Possible Symlink Attack vector existed in `sudoedit` if SELinux was running in permissive mode [bsc#1180685, CVE-2021-23240] - It was possible for a User to enable Debug Settings not Intended for them [bsc#1180687]
Family:unixClass:patch
Status:Reference(s):1180684
1180685
1180687
1181090
CVE-2021-23239
CVE-2021-23240
CVE-2021-3156
SUSE-SU-2021:0227-1
Platform(s):SUSE Linux Enterprise Server for SAP Applications 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND Package Information
  • sudo-1.8.22-4.15.1 is installed
  • OR sudo-devel-1.8.22-4.15.1 is installed
    • BACK