CVE-2010-2198 in RPM Package Manager
요약 (영어)
lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by creating a hard link to a vulnerable file that has (1) POSIX file capabilities or (2) SELinux context information, a related issue to CVE-2010-2059.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
예약하다
2010. 06. 08.
공개
2010. 06. 08.
상태
확인됨
엔트리
VulDB provides additional information and datapoints for this CVE:
| 아이디 | 취약성 | CWE | 악용 | 대책 | CVE |
|---|---|---|---|---|---|
| 5619 | Red Hat RPM Package Manager fsm.c 권한 상승 | 264 | 정의되지 않음 | 공식 수정 | CVE-2010-2198 |