Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

Vulnerability IntelligenceopenSUSE-SU-2021:0169-1

openSUSE-SU-2021:0169-1

UNKNOWN

Security update for sudo

Published Jan 27, 2021

Modified 5 years ago

Fix available

Details

This update for sudo fixes the following issues:

A Heap-based buffer overflow in sudo could be exploited to allow a user to gain root privileges [bsc#1181090,CVE-2021-3156]
It was possible for a user to test for the existence of a directory due to a Race Condition in sudoedit [bsc#1180684,CVE-2021-23239]
A Possible Symlink Attack vector existed in sudoedit if SELinux was running in permissive mode [bsc#1180685, CVE-2021-23240]
It was possible for a User to enable Debug Settings not Intended for them [bsc#1180687]

This update was imported from the SUSE:SLE-15:Update update project.

Affected Packages

sudo

openSUSE Leap 15.1

Fixed in:

1.8.22-lp151.5.12.1

sudo-devel

openSUSE Leap 15.1

Fixed in:

1.8.22-lp151.5.12.1

sudo-test

openSUSE Leap 15.1

Fixed in:

1.8.22-lp151.5.12.1

References

https://bugzilla.suse.com/1180684

https://bugzilla.suse.com/1180685

https://bugzilla.suse.com/1180687

https://bugzilla.suse.com/1181090

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7OQJUG5Z7K425IKZS5GT4KPIBGTT4JMW/

https://www.suse.com/security/cve/CVE-2021-23239

https://www.suse.com/security/cve/CVE-2021-23240

https://www.suse.com/security/cve/CVE-2021-3156

Upstream

CVE-2021-23239 CVE-2021-23240 CVE-2021-3156

Related

CVE-2021-23239 CVE-2021-23240 CVE-2021-3156

Ecosystems

openSUSE Leap 15.1

Timeline

PublishedJan 27, 2021

ModifiedJan 27, 2021

openSUSE-SU-2021:0169-1 | Mondoo Vulnerability Intelligence