A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rpm rpm |
||
fedoraproject fedora 34 |
||
redhat enterprise linux 7.0 |
||
redhat enterprise linux 8.0 |
||
redhat enterprise linux 9.0 |