Vulnerability Details : CVE-2021-20271
A flaw was found in RPM's signature check functionality when reading a package file. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package, whose signature header was modified, to cause RPM database corruption and execute code. The highest threat from this vulnerability is to data integrity, confidentiality, and system availability.
Vulnerability category: Execute code
Products affected by CVE-2021-20271
- cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*
- cpe:2.3:a:rpm:rpm:*:*:*:*:*:*:*:*
- cpe:2.3:a:rpm:rpm:4.15.0:alpha:*:*:*:*:*:*
- cpe:2.3:a:rpm:rpm:4.15.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:rpm:rpm:4.15.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:rpm:rpm:4.16.0:alpha:*:*:*:*:*:*
- cpe:2.3:a:rpm:rpm:4.16.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:rpm:rpm:4.16.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:rpm:rpm:4.16.0:rc1:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
- cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build14398:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2021-20271
0.20%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 39 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2021-20271
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
5.1
|
MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:P |
4.9
|
6.4
|
NIST | |
|
7.0
|
HIGH | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
NIST |
CWE ids for CVE-2021-20271
-
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.Assigned by:
- nvd@nist.gov (Secondary)
- secalert@redhat.com (Primary)
References for CVE-2021-20271
-
https://security.gentoo.org/glsa/202107-43
RPM: Multiple vulnerabilities (GLSA 202107-43) — Gentoo securityThird Party Advisory
-
https://github.com/rpm-software-management/rpm/commit/d6a86b5e69e46cc283b1e06c92343319beb42e21
Be much more careful about copying data from the signature header · rpm-software-management/rpm@d6a86b5 · GitHubPatch;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/
[SECURITY] Fedora 34 Update: rpm-4.16.1.3-1.fc34 - package-announce - Fedora Mailing-Lists
-
https://www.starwindsoftware.com/security/sw-20220805-0002/
CVE-2021-20271 RPM issue in StarWind productsThird Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/
[SECURITY] Fedora 33 Update: rpm-4.16.1.3-1.fc33 - package-announce - Fedora Mailing-Lists
-
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/
[SECURITY] Fedora 32 Update: rpm-4.15.1.1-1.fc32.1 - package-announce - Fedora Mailing-Lists
-
https://bugzilla.redhat.com/show_bug.cgi?id=1934125
1934125 – (CVE-2021-20271) CVE-2021-20271 rpm: Signature checks bypass via corrupted rpm packageIssue Tracking;Patch;Third Party Advisory
Jump to