Alpaquita LinuxStreamSecurity Advisory
Search Cve

CVE-2021-3421

Published: August 31, 2023Last modified: August 31, 2023

Description

A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.

Severity score breakdown

ParameterValue
Base score5.5
Attack VectorLOCAL
Attack complexityLOW
Privileges requiredNONE
User interactionREQUIRED
ScopeUNCHANGED
ConfidentialityNONE
Integrity impactHIGH
Availability impactNONE
VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Status

ProductReleasePackageStatus
Alpaquita Linux23 LTSrpmNot affected (4.18.0-r2)
StreamrpmNot affected (4.18.1-r0)

References

ON THIS PAGE