Lucene search
RedhatCVELIST:CVE-2021-20197HistoryMar 26, 2021 - 4:47 p.m.
CVE-2021-20197
2021-03-2616:47:20
CWE-59
redhat
www.cve.org
2
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink.
CNA Affected
[
{
"product": "binutils",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "binutils 2.35"
}
]
}
]Related
debiancve
debiancve
CVE-2021-20197
2021-03-26 17:15:12
prion
prion
Open redirect
2021-03-26 17:15:00
alpinelinux
alpinelinux
CVE-2021-20197
2021-03-26 17:15:00
cve
cve
CVE-2021-20197
2021-03-26 17:15:12
openvas
openvas
Fedora: Security Advisory for mingw-binutils (FEDORA-2021-354441fcdd)
2021-02-06 00:00:00
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-2047)
2021-07-01 00:00:00
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-1964)
2021-06-07 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: mingw-binutils-2.34-7.fc33
2021-02-06 01:18:28
osv
osv
CVE-2021-20197
2021-03-26 17:15:12
Moderate: binutils security update
2021-11-09 09:11:20
Moderate: binutils security update
2021-11-09 09:11:20
veracode
veracode
Privilege Escalation
2021-08-16 17:57:00
ubuntucve
ubuntucve
CVE-2021-20197
2021-03-26 00:00:00
nessus
nessus
Fedora 33 : mingw-binutils (2021-354441fcdd)
2021-02-08 00:00:00
EulerOS 2.0 SP9 : binutils (EulerOS-SA-2021-2047)
2021-07-01 00:00:00
EulerOS 2.0 SP9 : binutils (EulerOS-SA-2021-2058)
2021-07-01 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-20197 affecting package binutils 2.32-5
2021-06-09 03:50:42
nvd
nvd
CVE-2021-20197
2021-03-26 17:15:12
redhatcve
redhatcve
CVE-2021-20197
2021-01-26 21:11:10
mageia
mageia
Updated binutils packages fix security vulnerabilities
2021-07-12 23:26:21
rocky
rocky
binutils security update
2021-11-09 09:11:20
oraclelinux
oraclelinux
binutils security update
2021-11-16 00:00:00
redhat
redhat
(RHSA-2021:4364) Moderate: binutils security update
2021-11-09 09:11:20
(RHSA-2021:5137) Moderate: Openshift Logging Security Release (5.0.10)
2021-12-14 21:31:08
almalinux
almalinux
Moderate: binutils security update
2021-11-09 09:11:20
ibm
ibm
gentoo
gentoo
GNU Binutils: Multiple Vulnerabilities
2022-08-14 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-4.0-0426
2023-07-13 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0414
2023-06-20 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0601
2023-06-20 00:00:00
suse
suse
Security update for binutils (moderate)
2021-11-15 00:00:00
Security update for binutils (moderate)
2021-11-04 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1808
2021-07-02 16:33:56