Unity Linux 20.1060e / 20.1070e Security Update: rpm (UTSA-2026-017662)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017662 advisory. A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from...
Astra Linux – Vulnerability in rpm
A flaw was discovered in RPM’s hdrblobInit function in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The greatest threat from this vulnerability is to system availability...
MiracleLinux 8 : rpm-4.14.3-19.el8 (AXSA:2021-2714:08)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2714:08 advisory. rpm: missing length checks in hdrblobInit CVE-2021-20266 Tenable has extracted the preceding description block directly from the MiracleLinux security...
SUSE CVE-2021-20266
A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...
CLSA-2022-1644869807 Fix of CVE: CVE-2021-3521, CVE-2021-20266
CVE-2021-20266: missing length checks in hdrblobInit - CVE-2021-3521: RPM does not require subkeys to have a valid binding signature - Address important covscan issues 1996665, 2022537...
rpm: missing length checks in hdrblobInit()
A flaw was found in RPM’s hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...
Advisory ROSA-SA-2021-1963
Software: rpm 4.11.3 OS: Cobalt 7.9 CVE-ID: CVE-2017-7501 CVE-Crit: HIGH CVE-DESC: It was discovered that rpm versions prior to 4.13.0.2 use temporary files with predictable names when installing RPM. An attacker with the ability to write to the directory where the files will be installed could...
EulerOS Virtualization for ARM 64 3.0.6.0 : rpm (EulerOS-SA-2021-2015)
According to the versions of the rpm packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities: - A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can...
A flaw was found in RPM's hdrblobInit() in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability.
...
CVE-2021-20266
A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...
DEBIAN-CVE-2021-20266
A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...
Out-of-bounds
A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...
UBUNTU-CVE-2021-20266
A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...
CVE-2021-20266
A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...
CVE-2021-20266
CVE-2021-20266 affects the RPM package manager via a flaw in RPM’s hdrblobInit() implemented in lib/header.c. A local attacker who can modify the rpmdb can trigger an out-of-bounds read, with the highest impact on system availability. Connected advisories confirm this vulnerability across multipl...
CVE-2021-20266
A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...
CVE-2021-20266
A flaw was found in RPM's hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability...
Denial Of Service (DoS)
rpm:edge is vulnerable to denial of service. A flaw was found in RPM's hdrblobInit in lib/header.c, allowing an attacker to modify the rpmdb to cause an out-of-bounds read...
CVE-2021-20266
A flaw was found in RPM’s hdrblobInit in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability. Mitigation If using the headerCheck and headerImport APIs in your software, do not run...
PT-2021-7696 · Rpm +10
Name of the Vulnerable Software and Affected Versions: RPM affected versions not specified Description: A flaw was found in RPM's hdrblobInit function in lib/header.c, which allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is t...