6.7

CVE-2021-35938

Exploit
A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RpmRpm Version < 4.18.0
FedoraprojectFedora Version34
RedhatEnterprise Linux Version7.0
RedhatEnterprise Linux Version8.0
RedhatEnterprise Linux Version9.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.49% 0.382
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.7 0.8 5.9
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE-59 Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

https://security.gentoo.org/glsa/202210-22
Third Party Advisory
https://rpm.org/wiki/Releases/4.18.0
Release Notes
https://access.redhat.com/security/cve/CVE-2021-35938
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1964114
Vendor Advisory
Issue Tracking
https://bugzilla.suse.com/show_bug.cgi?id=1157880
Third Party Advisory
Exploit
Issue Tracking
https://github.com/rpm-software-management/rpm/commit/25a435e90844ea98fe5eb7bef22c1aecf3a9c033
Patch
Third Party Advisory
https://github.com/rpm-software-management/rpm/pull/1919
Patch
Third Party Advisory