CVE-2010-2198

EPSS 0.05%
Veröffentlicht 08.06.2010 18:30:10
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by creating a hard link to a vulnerable file that has (1) POSIX file capabilities or (2) SELinux context information, a related issue to CVE-2010-2059.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Rpm ≫ Rpm Version1.2

Rpm ≫ Rpm Version1.3

Rpm ≫ Rpm Version1.3.1

Rpm ≫ Rpm Version1.4

Rpm ≫ Rpm Version1.4.2

Rpm ≫ Rpm Version1.4.3

Rpm ≫ Rpm Version1.4.4

Rpm ≫ Rpm Version1.4.5

Rpm ≫ Rpm Version1.4.6

Rpm ≫ Rpm Version1.4.7

Rpm ≫ Rpm Version2..4.10

Rpm ≫ Rpm Version2.0

Rpm ≫ Rpm Version2.0.1

Rpm ≫ Rpm Version2.0.2

Rpm ≫ Rpm Version2.0.3

Rpm ≫ Rpm Version2.0.4

Rpm ≫ Rpm Version2.0.5

Rpm ≫ Rpm Version2.0.6

Rpm ≫ Rpm Version2.0.7

Rpm ≫ Rpm Version2.0.8

Rpm ≫ Rpm Version2.0.9

Rpm ≫ Rpm Version2.0.10

Rpm ≫ Rpm Version2.0.11

Rpm ≫ Rpm Version2.1

Rpm ≫ Rpm Version2.1.1

Rpm ≫ Rpm Version2.1.2

Rpm ≫ Rpm Version2.2

Rpm ≫ Rpm Version2.2.1

Rpm ≫ Rpm Version2.2.2

Rpm ≫ Rpm Version2.2.3

Rpm ≫ Rpm Version2.2.3.10

Rpm ≫ Rpm Version2.2.3.11

Rpm ≫ Rpm Version2.2.4

Rpm ≫ Rpm Version2.2.5

Rpm ≫ Rpm Version2.2.6

Rpm ≫ Rpm Version2.2.7

Rpm ≫ Rpm Version2.2.8

Rpm ≫ Rpm Version2.2.9

Rpm ≫ Rpm Version2.2.10

Rpm ≫ Rpm Version2.2.11

Rpm ≫ Rpm Version2.3

Rpm ≫ Rpm Version2.3.1

Rpm ≫ Rpm Version2.3.2

Rpm ≫ Rpm Version2.3.3

Rpm ≫ Rpm Version2.3.4

Rpm ≫ Rpm Version2.3.5

Rpm ≫ Rpm Version2.3.6

Rpm ≫ Rpm Version2.3.7

Rpm ≫ Rpm Version2.3.8

Rpm ≫ Rpm Version2.3.9

Rpm ≫ Rpm Version2.4.1

Rpm ≫ Rpm Version2.4.2

Rpm ≫ Rpm Version2.4.3

Rpm ≫ Rpm Version2.4.4

Rpm ≫ Rpm Version2.4.5

Rpm ≫ Rpm Version2.4.6

Rpm ≫ Rpm Version2.4.8

Rpm ≫ Rpm Version2.4.9

Rpm ≫ Rpm Version2.4.11

Rpm ≫ Rpm Version2.4.12

Rpm ≫ Rpm Version2.5

Rpm ≫ Rpm Version2.5.1

Rpm ≫ Rpm Version2.5.2

Rpm ≫ Rpm Version2.5.3

Rpm ≫ Rpm Version2.5.4

Rpm ≫ Rpm Version2.5.5

Rpm ≫ Rpm Version2.5.6

Rpm ≫ Rpm Version2.6.7

Rpm ≫ Rpm Version3.0

Rpm ≫ Rpm Version3.0.1

Rpm ≫ Rpm Version3.0.2

Rpm ≫ Rpm Version3.0.3

Rpm ≫ Rpm Version3.0.4

Rpm ≫ Rpm Version3.0.5

Rpm ≫ Rpm Version3.0.6

Rpm ≫ Rpm Version4.0.

Rpm ≫ Rpm Version4.0.1

Rpm ≫ Rpm Version4.0.2

Rpm ≫ Rpm Version4.0.3

Rpm ≫ Rpm Version4.0.4

Rpm ≫ Rpm Version4.1

Rpm ≫ Rpm Version4.3.3

Rpm ≫ Rpm Version4.4.2

Rpm ≫ Rpm Version4.4.2.1

Rpm ≫ Rpm Version4.4.2.2

Rpm ≫ Rpm Version4.4.2.3

Rpm ≫ Rpm Version <= 4.8.0

Rpm ≫ Rpm Version4.6.0

Rpm ≫ Rpm Version4.6.1

Rpm ≫ Rpm Version4.7.0

Rpm ≫ Rpm Version4.7.1

Rpm ≫ Rpm Version4.7.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.117

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

https://bugzilla.redhat.com/show_bug.cgi?id=598775

http://marc.info/?l=oss-security&m=127559059928131&w=2

http://secunia.com/advisories/40028

Vendor Advisory

http://www.openwall.com/lists/oss-security/2010/06/02/3

http://www.openwall.com/lists/oss-security/2010/06/03/5

http://www.openwall.com/lists/oss-security/2010/06/04/1

http://rpm.org/gitweb?p=rpm.git%3Ba=commit%3Bh=4d172a194addc49851e558ea390d3045894e3230

http://www.osvdb.org/65144

https://nvd.nist.gov/vuln/detail/CVE-2010-2198

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-2198

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-2198

EUVD