CVE-2021-3421

Updated: 2023-11-07 19:06:40.440938

Description:

A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x MEDIUM 4.3
CVSS Version 3.x MEDIUM 5.5

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU rpm 4.16.1.3 5.5 MEDIUM Ignored 2023-11-08 04:07:51
CentOS 6 ELS rpm 4.8.0 5.5 MEDIUM Ignored 2021-11-02 14:03:18
CentOS 7 ELS rpm 4.11.3 5.5 MEDIUM Ignored 2023-09-19 09:30:15
CentOS 8.4 ELS rpm 4.14.3-14 5.5 MEDIUM Already Fixed 2023-10-27 11:23:53
CentOS 8.5 ELS rpm 4.14.3-19 5.5 MEDIUM Already Fixed 2023-11-07 04:07:02
CloudLinux 6 ELS rpm 4.8.0 5.5 MEDIUM Ignored 2021-11-02 14:03:18
Oracle Linux 6 ELS rpm 4.8.0 5.5 MEDIUM Ignored 2021-11-02 14:03:18