A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
[
{
"vendor": "n/a",
"product": "RPM",
"versions": [
{
"version": "Fixed in rpm v4.18.0",
"status": "affected"
}
]
}
]