CVE-2017-7501

It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation.
Link Following
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Affected Products (NVD)
VendorProductVersion
rpmrpm
𝑥
< 4.13.0.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
rpm
bookworm
unimportant
bullseye
unimportant
sid
unimportant
trixie
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
rpm
artful
ignored
bionic
not-affected
cosmic
ignored
disco
ignored
eoan
ignored
focal
not-affected
groovy
not-affected
hirsute
not-affected
impish
not-affected
jammy
not-affected
kinetic
not-affected
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
needed
xenial
needed
yakkety
ignored
zesty
ignored
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
python3-rpm
suse enterprise sap 12 SP1
4.11.2-16.21.1
fixed
suse enterprise sap 12 SP3
4.11.2-16.21.1
fixed
suse enterprise sap 12 SP4
4.11.2-16.21.1
fixed
suse enterprise server 12
4.11.2-16.21.1
fixed
suse enterprise server 12 SP1
4.11.2-16.21.1
fixed
suse enterprise server 12 SP2
4.11.2-16.21.1
fixed
suse enterprise server 12 SP3
4.11.2-16.21.1
fixed
suse enterprise server 12 SP4
4.11.2-16.21.1
fixed
rpm
suse enterprise sap 12 SP1
4.11.2-16.21.1
fixed
suse enterprise sap 12 SP3
4.11.2-16.21.1
fixed
suse enterprise sap 12 SP4
4.11.2-16.21.1
fixed
suse enterprise sap 12 SP5
4.11.2-16.21.1
fixed
suse enterprise server 12
4.11.2-16.21.1
fixed
suse enterprise server 12 SP1
4.11.2-16.21.1
fixed
suse enterprise server 12 SP2
4.11.2-16.21.1
fixed
suse enterprise server 12 SP3
4.11.2-16.21.1
fixed
suse enterprise server 12 SP4
4.11.2-16.21.1
fixed
suse enterprise server 12 SP5
4.11.2-16.21.1
fixed
rpm-32bit
suse enterprise sap 12 SP1
4.11.2-16.21.1
fixed
suse enterprise sap 12 SP3
4.11.2-16.21.1
fixed
suse enterprise sap 12 SP4
4.11.2-16.21.1
fixed
suse enterprise sap 12 SP5
4.11.2-16.21.1
fixed
suse enterprise server 12
4.11.2-16.21.1
fixed
suse enterprise server 12 SP1
4.11.2-16.21.1
fixed
suse enterprise server 12 SP2
4.11.2-16.21.1
fixed
suse enterprise server 12 SP3
4.11.2-16.21.1
fixed
suse enterprise server 12 SP4
4.11.2-16.21.1
fixed
suse enterprise server 12 SP5
4.11.2-16.21.1
fixed
rpm-build
suse enterprise sap 12 SP1
4.11.2-16.21.1
fixed
suse enterprise sap 12 SP3
4.11.2-16.21.1
fixed
suse enterprise sap 12 SP4
4.11.2-16.21.1
fixed
suse enterprise sap 12 SP5
4.11.2-16.21.1
fixed
suse enterprise server 12
4.11.2-16.21.1
fixed
suse enterprise server 12 SP1
4.11.2-16.21.1
fixed
suse enterprise server 12 SP2
4.11.2-16.21.1
fixed
suse enterprise server 12 SP3
4.11.2-16.21.1
fixed
suse enterprise server 12 SP4
4.11.2-16.21.1
fixed
suse enterprise server 12 SP5
4.11.2-16.21.1
fixed
rpm-python
suse enterprise sap 12 SP1
4.11.2-16.21.1
fixed
suse enterprise sap 12 SP3
4.11.2-16.21.1
fixed
suse enterprise sap 12 SP4
4.11.2-16.21.1
fixed
suse enterprise server 12
4.11.2-16.21.1
fixed
suse enterprise server 12 SP1
4.11.2-16.21.1
fixed
suse enterprise server 12 SP2
4.11.2-16.21.1
fixed
suse enterprise server 12 SP3
4.11.2-16.21.1
fixed
suse enterprise server 12 SP4
4.11.2-16.21.1
fixed
Common Weakness Enumeration
References
https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
https://security.gentoo.org/glsa/201811-22
https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc
https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E
https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E
https://security.gentoo.org/glsa/201811-22