{"id":"CVE-2022-29527","details":"Amazon AWS amazon-ssm-agent before 3.1.1208.0 creates a world-writable sudoers file, which allows local attackers to inject Sudo rules and escalate privileges to root. This occurs in certain situations involving a race condition.","modified":"2026-04-10T04:52:12.826078Z","published":"2022-04-20T10:15:08.073Z","related":["SUSE-SU-2022:1510-1","SUSE-SU-2022:3654-1","openSUSE-SU-2024:12012-1"],"references":[{"type":"REPORT","url":"https://bugzilla.suse.com/show_bug.cgi?id=1196556"},{"type":"FIX","url":"https://github.com/aws/amazon-ssm-agent/commit/0fe8ae99b2ff25649c7b86d3bc05fc037400aca7"},{"type":"FIX","url":"https://github.com/aws/amazon-ssm-agent/releases/tag/3.1.1208.0"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/aws/amazon-ssm-agent","events":[{"introduced":"0"},{"fixed":"b3a8f2b875b989032909ba128145a4ceb30754fd"},{"fixed":"0fe8ae99b2ff25649c7b86d3bc05fc037400aca7"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"3.1.1208.0"}]}}],"versions":["2.0.599.0","2.0.672.0","2.0.755.0","2.0.767.0","2.0.790.0","2.0.796.0","2.0.805.0","2.2.325.0","2.2.355.0","2.2.392.0","2.2.493.0","2.2.546.0","2.2.607.0","2.2.619.0","2.2.800.0","2.3.117.0","2.3.136.0","2.3.193.0","2.3.50.0","2.3.68.0","3.0.1031.0","3.0.1124.0","3.0.1181.0","3.0.1209.0","3.0.1295.0","3.0.1390.0","3.0.222.0","3.0.502.0","3.0.529.0","3.0.603.0","3.0.655.0","3.0.732.0","3.0.755.0","3.0.854.0","3.0.882.0","3.1.1004.0","3.1.1045.0","3.1.1080.0","3.1.1141.0","3.1.1188.0","3.1.127.0","3.1.192.0","3.1.282.0","3.1.338.0","3.1.426.0","3.1.459.0","3.1.501.0","3.1.630.0","3.1.634.0","3.1.715.0","3.1.804.0","3.1.821.0","3.1.90.0","3.1.941.0","v1.1.145.0","v1.1.146.0","v1.2.252.0","v1.2.290.0","v2.0.633.0","v2.0.755.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-29527.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}