CVE-2010-2198

First published: Tue Jun 01 2010(Updated: )

Common Vulnerabilities and Exposures assigned an identifier <a href="https://access.redhat.com/security/cve/CVE-2010-2198">CVE-2010-2198</a> to the following vulnerability: Name: <a href="https://access.redhat.com/security/cve/CVE-2010-2198">CVE-2010-2198</a> URL: <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2198">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2198</a> Assigned: 20100608 Reference: MLIST:[oss-security] 20100602 Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH <a class="bz_bug_link bz_status_CLOSED bz_closed bz_public " title="CLOSED ERRATA - CVE-2010-2059 rpm: fails to drop SUID/SGID bits on package upgrade" href="show_bug.cgi?id=598775">BZ#598775</a>) Reference: URL: <a href="http://www.openwall.com/lists/oss-security/2010/06/02/3">http://www.openwall.com/lists/oss-security/2010/06/02/3</a> Reference: MLIST:[oss-security] 20100603 Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH <a class="bz_bug_link bz_status_CLOSED bz_closed bz_public " title="CLOSED ERRATA - CVE-2010-2059 rpm: fails to drop SUID/SGID bits on package upgrade" href="show_bug.cgi?id=598775">BZ#598775</a>) Reference: URL: <a href="http://marc.info/?l=oss-security&m=127559059928131&w=2">http://marc.info/?l=oss-security&m=127559059928131&w=2</a> Reference: MLIST:[oss-security] 20100603 Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH <a class="bz_bug_link bz_status_CLOSED bz_closed bz_public " title="CLOSED ERRATA - CVE-2010-2059 rpm: fails to drop SUID/SGID bits on package upgrade" href="show_bug.cgi?id=598775">BZ#598775</a>) Reference: URL: <a href="http://www.openwall.com/lists/oss-security/2010/06/03/5">http://www.openwall.com/lists/oss-security/2010/06/03/5</a> Reference: MLIST:[oss-security] 20100604 Re: CVE Request -- rpm -- Fails to remove the SUID/SGID bits on package upgrade (RH <a class="bz_bug_link bz_status_CLOSED bz_closed bz_public " title="CLOSED ERRATA - CVE-2010-2059 rpm: fails to drop SUID/SGID bits on package upgrade" href="show_bug.cgi?id=598775">BZ#598775</a>) Reference: URL: <a href="http://www.openwall.com/lists/oss-security/2010/06/04/1">http://www.openwall.com/lists/oss-security/2010/06/04/1</a> Reference: CONFIRM: <a href="http://rpm.org/gitweb?p=rpm.git;a=commit;h=4d172a194addc49851e558ea390d3045894e3230">http://rpm.org/gitweb?p=rpm.git;a=commit;h=4d172a194addc49851e558ea390d3045894e3230</a> Reference: CONFIRM: <a class="bz_bug_link bz_status_CLOSED bz_closed bz_public " title="CLOSED ERRATA - CVE-2010-2059 rpm: fails to drop SUID/SGID bits on package upgrade" href="show_bug.cgi?id=598775">https://bugzilla.redhat.com/show_bug.cgi?id=598775</a> Reference: OSVDB:65144 Reference: URL: <a href="http://www.osvdb.org/65144">http://www.osvdb.org/65144</a> Reference: SECUNIA:40028 Reference: URL: <a href="http://secunia.com/advisories/40028">http://secunia.com/advisories/40028</a> lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by creating a hard link to a vulnerable file that has (1) POSIX file capabilities or (2) SELinux context information, a related issue to <a href="https://access.redhat.com/security/cve/CVE-2010-2059">CVE-2010-2059</a>.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Rpm Rpm	=2.3.5
Rpm Rpm	=4.4.2.1
Rpm Rpm	=1.4.3
Rpm Rpm	=3.0.1
Rpm Rpm	=4.1
Rpm Rpm	=2.2.3.11
Rpm Rpm	=2.4.4
Rpm Rpm	=2.3.8
Rpm Rpm	=2.0.6
Rpm Rpm	=1.4.4
Rpm Rpm	=4.4.2
Rpm Rpm	=1.4.2\/a
Rpm Rpm	=2.4.1
Rpm Rpm	=2.4.9
Rpm Rpm	=2.6.7
Rpm Rpm	=2..4.10
Rpm Rpm	=1.4
Rpm Rpm	=2.0.10
Rpm Rpm	=2.4.5
Rpm Rpm	=4.0.1
Rpm Rpm	=2.2.11
Rpm Rpm	=4.0.4
Rpm Rpm	=2.2.1
Rpm Rpm	=2.0.1
Rpm Rpm	=1.4.2
Rpm Rpm	=3.0.3
Rpm Rpm	=2.0.7
Rpm Rpm	=4.0.2
Rpm Rpm	=2.2.8
Rpm Rpm	=3.0.2
Rpm Rpm	=1.2
Rpm Rpm	=4.0.
Rpm Rpm	=2.1.1
Rpm Rpm	=4.3.3
Rpm Rpm	=2.5.5
Rpm Rpm	=2.0.8
Rpm Rpm	=2.3
Rpm Rpm	=4.4.2.2
Rpm Rpm	=2.4.8
Rpm Rpm	=3.0.4
Rpm Rpm	=2.5.6
Rpm Rpm	=2.0
Rpm Rpm	=2.0.2
Rpm Rpm	=2.3.2
Rpm Rpm	=2.4.3
Rpm Rpm	=2.4.2
Rpm Rpm	=1.4.5
Rpm Rpm	=2.0.11
Rpm Rpm	=3.0.5
Rpm Rpm	=1.3
Rpm Rpm	=2.2.3
Rpm Rpm	=2.2
Rpm Rpm	=2.1.2
Rpm Rpm	=2.3.9
Rpm Rpm	=2.2.4
Rpm Rpm	=2.2.9
Rpm Rpm	=2.5.3
Rpm Rpm	=2.2.6
Rpm Rpm	=2.3.6
Rpm Rpm	=2.5
Rpm Rpm	=2.2.3.10
Rpm Rpm	=2.0.5
Rpm Rpm	=4.4.2.3
Rpm Rpm	=2.4.12
Rpm Rpm	=2.5.4
Rpm Rpm	=1.4.7
Rpm Rpm	=3.0
Rpm Rpm	=1.4.6
Rpm Rpm	=2.5.2
Rpm Rpm	=2.4.11
Rpm Rpm	=2.0.9
Rpm Rpm	=2.1
Rpm Rpm	=2.2.10
Rpm Rpm	=2.3.3
Rpm Rpm	=2.3.7
Rpm Rpm	=2.3.4
Rpm Rpm	=2.0.4
Rpm Rpm	=1.3.1
Rpm Rpm	=3.0.6
Rpm Rpm	=2.0.3
Rpm Rpm	=2.3.1
Rpm Rpm	=4.0.3
Rpm Rpm	=2.4.6
Rpm Rpm	=2.5.1
Rpm Rpm	=2.2.5
Rpm Rpm	=2.2.2
Rpm Rpm	=2.2.7
Rpm Rpm	=4.6.0
Rpm Rpm	<=4.8.0
Rpm Rpm	=4.7.2
Rpm Rpm	=4.7.0
Rpm Rpm	=4.6.1
Rpm Rpm	=4.7.1

CVE-2010-2198

Never miss a vulnerability like this again

Reference Links

Company

Resources

Contact