REDHAT-BUG-1913743
First published: Thu Jan 07 2021(Updated: )
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink. Reference: <a href="https://sourceware.org/bugzilla/show_bug.cgi?id=26945">https://sourceware.org/bugzilla/show_bug.cgi?id=26945</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Binutils | <2.35 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://sourceware.org/bugzilla/show_bug.cgi?id=26945
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1913744
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1913745
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=365f5fb6d0f0da83817431a275e99e6f6babbe04
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=1a1c3b4cc17687091cff5a368bd6f13742bcfdf8
- https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=014cc7f849e8209623fc99264814bce7b3b6faf2
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1913743#c9
- https://sourceware.org/bugzilla/show_bug.cgi?id=27270
- https://sourceware.org/bugzilla/show_bug.cgi?id=27284
- https://sourceware.org/pipermail/binutils/2021-February/115161.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1951278#c3
- https://access.redhat.com/errata/RHSA-2021:4364
- https://access.redhat.com/security/cve/cve-2021-20197
- https://bugzilla.redhat.com/show_bug.cgi?id=1913743
Frequently Asked Questions
What is the severity of REDHAT-BUG-1913743?
The severity of REDHAT-BUG-1913743 is considered high due to the potential for privilege escalation by unprivileged users.
How do I fix REDHAT-BUG-1913743?
To fix REDHAT-BUG-1913743, update to GNU binutils version 2.36 or later where the race condition has been resolved.
What utilities are affected by REDHAT-BUG-1913743?
The utilities affected by REDHAT-BUG-1913743 include ar, objcopy, strip, and ranlib in GNU binutils version 2.35 and earlier.
Who is at risk from REDHAT-BUG-1913743?
Users running GNU binutils version 2.35 or earlier as privileged users are at risk from REDHAT-BUG-1913743.
What type of vulnerability is REDHAT-BUG-1913743 classified as?
REDHAT-BUG-1913743 is classified as a race condition vulnerability that may lead to privilege escalation.
- agent/references
- agent/type
- agent/first-publish-date
- agent/severity
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2021-20197
- agent/last-modified-date
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/gnu
- canonical/binutils