jiachao2130/cvrf2cusa
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
cvrf2cusa/cvrf/2022/cvrf-openEuler-SA-2022-1897.xml
Jia Chao 0b34274085 git mv 
Signed-off-by: Jia Chao <jiac13@chinaunicom.cn>
2024-07-25 09:57:37 +08:00

231 lines
18 KiB
XML
Raw Permalink Blame History

<?xml version="1.0" encoding="UTF-8"?>
<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1" xmlns:cvrf="http://www.icasi.org/CVRF/schema/cvrf/1.1">
<DocumentTitle xml:lang="en">An update for rpm is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS</DocumentTitle>
<DocumentType>Security Advisory</DocumentType>
<DocumentPublisher Type="Vendor">
<ContactDetails>openeuler-security@openeuler.org</ContactDetails>
<IssuingAuthority>openEuler security committee</IssuingAuthority>
</DocumentPublisher>
<DocumentTracking>
<Identification>
<ID>openEuler-SA-2022-1897</ID>
</Identification>
<Status>Final</Status>
<Version>1.0</Version>
<RevisionHistory>
<Revision>
<Number>1.0</Number>
<Date>2022-09-08</Date>
<Description>Initial</Description>
</Revision>
</RevisionHistory>
<InitialReleaseDate>2022-09-08</InitialReleaseDate>
<CurrentReleaseDate>2022-09-08</CurrentReleaseDate>
<Generator>
<Engine>openEuler SA Tool V1.0</Engine>
<Date>2022-09-08</Date>
</Generator>
</DocumentTracking>
<DocumentNotes>
<Note Title="Synopsis" Type="General" Ordinal="1" xml:lang="en">rpm security update</Note>
<Note Title="Summary" Type="General" Ordinal="2" xml:lang="en">An update for rpm is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS.</Note>
<Note Title="Description" Type="General" Ordinal="3" xml:lang="en">The RPM Package Manager (RPM) is a powerful package management system capability as below
Security Fix(es):
A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.(CVE-2021-35937)
It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.(CVE-2021-35939)
A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.(CVE-2021-35938)</Note>
<Note Title="Topic" Type="General" Ordinal="4" xml:lang="en">An update for rpm is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS.
openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.</Note>
<Note Title="Severity" Type="General" Ordinal="5" xml:lang="en">High</Note>
<Note Title="Affected Component" Type="General" Ordinal="6" xml:lang="en">rpm</Note>
</DocumentNotes>
<DocumentReferences>
<Reference Type="Self">
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1897</URL>
</Reference>
<Reference Type="openEuler CVE">
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-35937</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-35939</URL>
<URL>https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2021-35938</URL>
</Reference>
<Reference Type="Other">
<URL>https://nvd.nist.gov/vuln/detail/CVE-2021-35937</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2021-35939</URL>
<URL>https://nvd.nist.gov/vuln/detail/CVE-2021-35938</URL>
</Reference>
</DocumentReferences>
<ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1">
<Branch Type="Product Name" Name="openEuler">
<FullProductName ProductID="openEuler-20.03-LTS-SP1" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">openEuler-20.03-LTS-SP1</FullProductName>
<FullProductName ProductID="openEuler-20.03-LTS-SP3" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">openEuler-20.03-LTS-SP3</FullProductName>
<FullProductName ProductID="openEuler-22.03-LTS" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">openEuler-22.03-LTS</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="aarch64">
<FullProductName ProductID="rpm-devel-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-devel-4.15.1-28.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python2-rpm-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python2-rpm-4.15.1-28.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-plugin-systemd-inhibit-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-plugin-systemd-inhibit-4.15.1-28.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-debugsource-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-debugsource-4.15.1-28.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-debuginfo-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-debuginfo-4.15.1-28.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-libs-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-libs-4.15.1-28.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-4.15.1-28.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-build-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-build-4.15.1-28.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-rpm-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python3-rpm-4.15.1-28.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-libs-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-libs-4.15.1-37.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python2-rpm-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python2-rpm-4.15.1-37.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-4.15.1-37.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-plugin-systemd-inhibit-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-plugin-systemd-inhibit-4.15.1-37.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-devel-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-devel-4.15.1-37.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-debuginfo-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-debuginfo-4.15.1-37.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-rpm-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python3-rpm-4.15.1-37.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-debugsource-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-debugsource-4.15.1-37.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-build-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-build-4.15.1-37.oe1.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-devel-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-devel-4.17.0-14.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-build-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-build-4.17.0-14.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-libs-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-libs-4.17.0-14.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-4.17.0-14.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-debuginfo-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-debuginfo-4.17.0-14.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-debugsource-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-debugsource-4.17.0-14.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="python3-rpm-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">python3-rpm-4.17.0-14.oe2203.aarch64.rpm</FullProductName>
<FullProductName ProductID="rpm-plugin-systemd-inhibit-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-plugin-systemd-inhibit-4.17.0-14.oe2203.aarch64.rpm</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="noarch">
<FullProductName ProductID="rpm-help-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-help-4.15.1-28.oe1.noarch.rpm</FullProductName>
<FullProductName ProductID="rpm-help-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-help-4.15.1-37.oe1.noarch.rpm</FullProductName>
<FullProductName ProductID="rpm-help-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-help-4.17.0-14.oe2203.noarch.rpm</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="src">
<FullProductName ProductID="rpm-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-4.15.1-28.oe1.src.rpm</FullProductName>
<FullProductName ProductID="rpm-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-4.15.1-37.oe1.src.rpm</FullProductName>
<FullProductName ProductID="rpm-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-4.17.0-14.oe2203.src.rpm</FullProductName>
</Branch>
<Branch Type="Package Arch" Name="x86_64">
<FullProductName ProductID="python2-rpm-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python2-rpm-4.15.1-28.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-debuginfo-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-debuginfo-4.15.1-28.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-debugsource-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-debugsource-4.15.1-28.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-plugin-systemd-inhibit-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-plugin-systemd-inhibit-4.15.1-28.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-rpm-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">python3-rpm-4.15.1-28.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-devel-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-devel-4.15.1-28.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-build-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-build-4.15.1-28.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-4.15.1-28.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-libs-4.15.1-28" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP1">rpm-libs-4.15.1-28.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-debugsource-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-debugsource-4.15.1-37.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-devel-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-devel-4.15.1-37.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-plugin-systemd-inhibit-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-plugin-systemd-inhibit-4.15.1-37.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-rpm-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python3-rpm-4.15.1-37.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-build-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-build-4.15.1-37.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-libs-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-libs-4.15.1-37.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="python2-rpm-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">python2-rpm-4.15.1-37.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-debuginfo-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-debuginfo-4.15.1-37.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-4.15.1-37" CPE="cpe:/a:openEuler:openEuler:20.03-LTS-SP3">rpm-4.15.1-37.oe1.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-build-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-build-4.17.0-14.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-debuginfo-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-debuginfo-4.17.0-14.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-devel-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-devel-4.17.0-14.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="python3-rpm-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">python3-rpm-4.17.0-14.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-debugsource-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-debugsource-4.17.0-14.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-4.17.0-14.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-plugin-systemd-inhibit-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-plugin-systemd-inhibit-4.17.0-14.oe2203.x86_64.rpm</FullProductName>
<FullProductName ProductID="rpm-libs-4.17.0-14" CPE="cpe:/a:openEuler:openEuler:22.03-LTS">rpm-libs-4.17.0-14.oe2203.x86_64.rpm</FullProductName>
</Branch>
</ProductTree>
<Vulnerability Ordinal="1" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.</Note>
</Notes>
<ReleaseDate>2022-09-08</ReleaseDate>
<CVE>CVE-2021-35937</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
<ProductID>openEuler-22.03-LTS</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>Medium</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>6.4</BaseScore>
<Vector>AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>rpm security update</Description>
<DATE>2022-09-08</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1897</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="2" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="2" xml:lang="en">It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to be created. A local unprivileged user who owns another ancestor directory could potentially use this flaw to gain root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.</Note>
</Notes>
<ReleaseDate>2022-09-08</ReleaseDate>
<CVE>CVE-2021-35939</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
<ProductID>openEuler-22.03-LTS</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>High</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>7.8</BaseScore>
<Vector>AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>rpm security update</Description>
<DATE>2022-09-08</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1897</URL>
</Remediation>
</Remediations>
</Vulnerability>
<Vulnerability Ordinal="3" xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1">
<Notes>
<Note Title="Vulnerability Description" Type="General" Ordinal="3" xml:lang="en">A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.</Note>
</Notes>
<ReleaseDate>2022-09-08</ReleaseDate>
<CVE>CVE-2021-35938</CVE>
<ProductStatuses>
<Status Type="Fixed">
<ProductID>openEuler-20.03-LTS-SP1</ProductID>
<ProductID>openEuler-20.03-LTS-SP3</ProductID>
<ProductID>openEuler-22.03-LTS</ProductID>
</Status>
</ProductStatuses>
<Threats>
<Threat Type="Impact">
<Description>High</Description>
</Threat>
</Threats>
<CVSSScoreSets>
<ScoreSet>
<BaseScore>7.8</BaseScore>
<Vector>AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H</Vector>
</ScoreSet>
</CVSSScoreSets>
<Remediations>
<Remediation Type="Vendor Fix">
<Description>rpm security update</Description>
<DATE>2022-09-08</DATE>
<URL>https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1897</URL>
</Remediation>
</Remediations>
</Vulnerability>
</cvrfdoc>
Reference in New Issue View Git Blame Copy Permalink