Back to search
CVE-2010-2199
Published: Jun 8, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to bypass intended access restrictions by creating a hard link to a vulnerable file that has a POSIX ACL, a related issue to CVE-2010-2059.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
rpm-fsm-security-bypass(59416)
vdb-entry
x_refsource_XF
https://bugzilla.redhat.com/show_bug.cgi?id=125517
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now