History: Aug 25, 2022 - 12:00 a.m.

CVE-2021-35938

Source: ubuntu.com
Tags: cve-2021-35938, rpm, privilege escalation, data integrity, symbolic link

CVSS3: 6.7
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: HIGH
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.001
Percentile: 32.1%

A symbolic link issue was found in rpm. It occurs when rpm sets the desired
permissions and credentials after installing a file. A local unprivileged
user could use this flaw to exchange the original file with a symbolic link
to a security-critical file and escalate their privileges on the system.
The highest threat from this vulnerability is to data confidentiality and
integrity as well as system availability.

Notes

Author Note (seth-arnold): Only debugedit and librpmio9 binary packages are in main, and triaged with a view to how they are used in the build process as described in https://bugs.launchpad.net/ubuntu/+source/rpm/+bug/1913871