32 matches found
TencentOS Server 3: rpm (TSSA-2024:0057)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to the tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0057 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Linux Distros Unpatched Vulnerability : CVE-2021-35937
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to...
CVE-2021-35937 affecting package rpm 4.14.2-15
CVE-2021-35937 affecting package rpm 4.14.2-15. This CVE either no longer is or was never applicable...
Security Bulletin: IBM Storage Ceph is vulnerable to Improper Link Resolution Before File Access or Time-of-check Time-of-use Race Condition in the RHEL UBI (CVE-2021-35937)
Summary: RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2021-35937. Vulnerability Details: CVEID: CVE-2021-35937. DESCRIPTION: RPM Project RPM could allow a local authenticated attacker to...
CLSA-2024-1721124939 rpm: Fix of CVE-2021-35937
CVE-2021-35937: fix a possible privilege escalation through a symlink check race condition...
Medium: rpm
Issue Overview: A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data...
RLSA-2024:0647 Moderate: rpm security update
The RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: TOCTOU race in checks for unsafe symlinks (CVE-2021-35937); rpm: races with chown/chmod/capabilities calls...
rpm security update
An update is available for rpm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The RPM Package Manager (RPM) is a command-line driven package management system...
AlmaLinux 8 : rpm (ALSA-2024:0647)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0647 advisory. - A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to...
Moderate: Red Hat Security Advisory: rpm security update
An update for rpm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Moderate: rpm security update
The RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: TOCTOU race in checks for unsafe symlinks (CVE-2021-35937); rpm: races with chown/chmod/capabilities calls...
ALSA-2024:0647 Moderate: rpm security update
The RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: TOCTOU race in checks for unsafe symlinks (CVE-2021-35937); rpm: races with chown/chmod/capabilities calls...
Moderate: Red Hat Security Advisory: rpm security update
An update for rpm is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
AlmaLinux 9 : rpm (ALSA-2024:0463)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0463 advisory. - A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to...
Moderate: Red Hat Security Advisory: rpm security update
An update for rpm is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: rpm security update
An update for rpm is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Moderate: Red Hat Security Advisory: rpm security update
An update for rpm is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Moderate: Red Hat Security Advisory: rpm security update
An update for rpm is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
ALSA-2024:0463 Moderate: rpm security update
The RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fixes: rpm: TOCTOU race in checks for unsafe symlinks (CVE-2021-35937); rpm: races with chown/chmod/capabilities calls...
rpm security update
4.16.1.3-27 - TOCTOU race in checks for unsafe symlinks (CVE-2021-35937) - races with chown/chmod/capabilities calls during installation (CVE-2021-35938) - checks for unsafe symlinks are not performed for intermediary directories (CVE-2021-35939)...