Michael Schröder

**Name of the Vulnerable Software and Affected Versions** popt version 1.9.1 RPM versions prior to 4.4.3 **Description** The issue affects the confidentiality, integrity, and availability of protected information. It can be exploited remotely. A local user may gain privileges by creating a hard link to a vulnerable setuid or setgid file during the removal of an RPM package. **Recommendations** For popt version 1.9.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For RPM versions prior to 4.4.3, update to version 4.4.3 or later to resolve the issue. As a temporary workaround, consider restricting access to setuid and setgid files to minimize the risk of exploitation.