PT-2021-7696 · Rpm+10

Demi M. Obenour +1 · Published 2021-02-11 · Updated 2022-11-10 · CVE-2021-20266

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

RPM (affected versions not specified)

Description

A flaw was found in RPM's hdrblobInit() function in lib/header.c, which allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability. Exploitation of the vulnerability may allow a remote attacker to cause a denial of service.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Out of bounds Read

Weakness Enumeration

Related Identifiers

ALSA-2021:4489
ALT-PU-2021-2518
ALT-PU-2021-2600
BDU:2023-01670
CESA-2021_4489
CVE-2021-20266
MGASA-2021-0167
OESA-2021-1223
OPENSUSE-SU-2021:1366-1
OPENSUSE-SU-2021:2682-1
OPENSUSE-SU-2021_1366-1
OPENSUSE-SU-2021_2682-1
RHSA-2021:4489
RHSA-2021_4489
RLSA-2021:4489
SUSE-SU-2021:2682-1
SUSE-SU-2021:3444-1
SUSE-SU-2021_2682-1
SUSE-SU-2021_3444-1
SUSE-SU-2022:3939-1
SUSE-SU-2022_3939-1
USN-5273-1

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
IBM AIX
Linux Mint
RPM
Red Hat
Rocky Linux
SUSE
Ubuntu