CVE-2021-35937

A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Link Following
TOCTOU
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.4 MEDIUM
LOCAL
HIGH
HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Affected Products (NVD)
VendorProductVersion
rpmrpm
𝑥
< 4.18.0
redhatenterprise_linux
6.0
redhatenterprise_linux
7.0
redhatenterprise_linux
8.0
redhatenterprise_linux
9.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
rpm
bookworm
4.18.0+dfsg-1+deb12u1
ignored
bullseye
ignored
buster
ignored
sid
4.20.0+dfsg-3
fixed
stretch
no-dsa
trixie
4.20.0+dfsg-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
rpm
bionic
needs-triage
focal
needs-triage
groovy
ignored
hirsute
ignored
impish
ignored
jammy
needs-triage
kinetic
ignored
lunar
not-affected
mantic
not-affected
noble
not-affected
trusty
needs-triage
xenial
needs-triage
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
python3-rpm
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm-apidocs
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm-build
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm-build-libs
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm-cron
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm-devel
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm-libs
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm-plugin-audit
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm-plugin-fapolicyd
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm-plugin-ima
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm-plugin-prioreset
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
rpm-plugin-selinux
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm-plugin-syslog
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm-plugin-systemd-inhibit
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm-sign
RHEL 8
0:4.14.3-28.el8_9
fixed
RHEL 8.6 AUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 E4S
0:4.14.3-26.el8_6
fixed
RHEL 8.6 EUS
0:4.14.3-26.el8_6
fixed
RHEL 8.6 TUS
0:4.14.3-26.el8_6
fixed
RHEL 8.8 AUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 E4S
0:4.14.3-28.el8_8
fixed
RHEL 8.8 EUS
0:4.14.3-28.el8_8
fixed
RHEL 8.8 TUS
0:4.14.3-28.el8_8
fixed
RHEL 9
0:4.16.1.3-27.el9_3
fixed
rpm-sign-libs
RHEL 9
0:4.16.1.3-27.el9_3
fixed
Common Weakness Enumeration
References
https://access.redhat.com/security/cve/CVE-2021-35937
https://bugzilla.redhat.com/show_bug.cgi?id=1964125
https://rpm.org/wiki/Releases/4.18.0
https://security.gentoo.org/glsa/202210-22
https://www.usenix.org/legacy/event/sec05/tech/full_papers/borisov/borisov.pdf
https://access.redhat.com/security/cve/CVE-2021-35937
https://bugzilla.redhat.com/show_bug.cgi?id=1964125
https://rpm.org/wiki/Releases/4.18.0
https://security.gentoo.org/glsa/202210-22
https://www.usenix.org/legacy/event/sec05/tech/full_papers/borisov/borisov.pdf