Lucene search
Veracode Vulnerability DatabaseVERACODE:29798HistoryMar 23, 2021 - 5:19 p.m.
Arbitrary Code Execution
2021-03-2317:19:29
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
21
arbitrary code execution
rpm vulnerability
database corruption
malicious signature header
EPSS
0.002
Percentile
61.2%
rpm is vulnerable to arbitrary code execution. An attacker who successfully convinces a victim to install a verifiable package with malicious signature header is able to cause RPM database corruption and execute code.
References
bugzilla.redhat.com/show_bug.cgi?id=1934125
github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21
lists.fedoraproject.org/archives/list/[email protected]/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/
lists.fedoraproject.org/archives/list/[email protected]/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/
lists.fedoraproject.org/archives/list/[email protected]/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/
secdb.alpinelinux.org/v3.13/community.yaml
security.gentoo.org/glsa/202107-43
Related
nessus
nessus
RHEL 7 : rpm (RHSA-2021:4975)
2021-12-08 00:00:00
RHEL 7 : rpm (RHSA-2021:4771)
2021-11-23 00:00:00
CentOS 7 : rpm (CESA-2021:4785)
2021-12-01 00:00:00
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-2.0-0338
2021-04-19 00:00:00
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2021-1.0-0383
2021-04-21 00:00:00
Important Photon OS Security Update - PHSA-2021-0338
2021-04-15 00:00:00
cbl_mariner
cbl_mariner
CVE-2021-20271 affecting package rpm 4.14.2-11
2021-05-06 23:56:44
openvas
openvas
CentOS: Security Advisory for rpm (CESA-2021:4785)
2021-12-02 00:00:00
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2021-2876)
2021-12-31 00:00:00
Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2022-1143)
2022-02-13 00:00:00
redhatcve
redhatcve
CVE-2021-20271
2021-03-11 23:03:45
ubuntucve
ubuntucve
CVE-2021-20271
2021-03-26 00:00:00
redhat
redhat
(RHSA-2021:4975) Moderate: rpm security update
2021-12-07 11:32:50
(RHSA-2021:4771) Moderate: rpm security update
2021-11-23 11:55:58
(RHSA-2021:4785) Moderate: rpm security update
2021-11-23 14:40:26
f5
f5
K10396196 : Linux RPM vulnerability CVE-2021-20271
2022-01-05 00:00:00
cvelist
cvelist
CVE-2021-20271
2021-03-26 00:00:00
oraclelinux
oraclelinux
rpm security update
2021-06-30 00:00:00
rpm security update
2021-11-24 00:00:00
debiancve
debiancve
CVE-2021-20271
2021-03-26 17:15:13
prion
prion
Design/Logic Flaw
2021-03-26 17:15:00
almalinux
almalinux
Moderate: rpm security update
2021-06-29 13:43:23
ibm
ibm
cve
cve
CVE-2021-20271
2021-03-26 17:15:13
osv
osv
CVE-2021-20271
2021-03-26 17:15:13
Moderate: rpm security update
2021-06-29 13:43:23
rpm vulnerabilities
2022-07-21 06:56:30
alpinelinux
alpinelinux
CVE-2021-20271
2021-03-26 17:15:13
nvd
nvd
CVE-2021-20271
2021-03-26 17:15:13
centos
centos
rpm security update
2021-12-01 19:22:41
amazon
amazon
Medium: rpm
2021-07-08 18:38:00
Medium: rpm
2021-07-14 20:43:00
rocky
rocky
rpm security update
2021-06-29 13:43:23
fedora
fedora
[SECURITY] Fedora 32 Update: rpm-4.15.1.1-1.fc32.1
2021-04-07 15:26:31
[SECURITY] Fedora 34 Update: rpm-4.16.1.3-1.fc34
2021-03-30 00:17:25
[SECURITY] Fedora 33 Update: rpm-4.16.1.3-1.fc33
2021-03-30 14:31:25
suse
suse
Security update for rpm (important)
2021-10-18 00:00:00
Security update for libdnf (moderate)
2021-08-13 00:00:00
Security update for rpm (important)
2021-08-17 00:00:00
aix
aix
mageia
mageia
Updated rpm packages fix security vulnerabilities
2021-04-02 13:16:21
ubuntu
ubuntu
RPM Package Manager vulnerabilities
2022-07-21 00:00:00
gentoo
gentoo
RPM: Multiple vulnerabilities
2021-07-20 00:00:00