Unrated severityNVD Advisory· Published May 19, 2021· Updated Aug 3, 2024
CVE-2021-3421
CVE-2021-3421
Description
A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
32- RPM/RPM packagedescription
- osv-coords30 versionspkg:rpm/opensuse/libdnf&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/python-rpm&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/python-rpm&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/rpm&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/rpm&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/rpm&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/rpm-ndb&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/python3-rpm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/python3-rpm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/python-rpm&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/python-rpm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/python-rpm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/python-rpm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP2pkg:rpm/suse/python-rpm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%202%2015%20SP3pkg:rpm/suse/rpm&distro=SUSE%20Linux%20Enterprise%20Micro%205.0pkg:rpm/suse/rpm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/rpm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/rpm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP2pkg:rpm/suse/rpm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP3pkg:rpm/suse/rpm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/rpm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/rpm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/rpm&distro=SUSE%20Manager%20Proxy%20Module%204.1pkg:rpm/suse/rpm&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/rpm&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/rpm&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/rpm-ndb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP2pkg:rpm/suse/rpm-ndb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3pkg:rpm/suse/rpm-python&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/rpm-python&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
< 0.62.0-5.3.1+ 29 more
- (no CPE)range: < 0.62.0-5.3.1
- (no CPE)range: < 4.14.1-lp152.18.3.1
- (no CPE)range: < 4.14.3-37.2
- (no CPE)range: < 4.14.1-lp152.18.3.1
- (no CPE)range: < 4.14.3-37.2
- (no CPE)range: < 4.16.1.3-3.2
- (no CPE)range: < 4.14.3-37.2
- (no CPE)range: < 4.11.2-16.26.1
- (no CPE)range: < 4.11.2-16.26.1
- (no CPE)range: < 4.14.1-22.4.1
- (no CPE)range: < 4.14.1-22.4.1
- (no CPE)range: < 4.14.3-37.2
- (no CPE)range: < 4.14.1-22.4.1
- (no CPE)range: < 4.14.3-37.2
- (no CPE)range: < 4.14.1-22.4.2
- (no CPE)range: < 4.14.1-22.4.2
- (no CPE)range: < 4.14.3-37.2
- (no CPE)range: < 4.14.1-22.4.2
- (no CPE)range: < 4.14.3-37.2
- (no CPE)range: < 4.11.2-16.26.1
- (no CPE)range: < 4.11.2-16.26.1
- (no CPE)range: < 4.11.2-16.26.1
- (no CPE)range: < 4.14.1-22.4.2
- (no CPE)range: < 4.14.3-37.2
- (no CPE)range: < 4.14.1-22.4.2
- (no CPE)range: < 4.14.3-37.2
- (no CPE)range: < 4.14.1-22.4.2
- (no CPE)range: < 4.14.3-37.2
- (no CPE)range: < 4.11.2-16.26.1
- (no CPE)range: < 4.11.2-16.26.1
Patches
Vulnerability mechanics
References
5- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMGXO3W6DHPO62GJ4VVF5DEUX5DRUR5K/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VHRPNBCRPDJHHQE3MBPSZK4H7X2IM7AC/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YILPBTPSBRYL4POBI3F4YUSVPSOQNJBY/mitrevendor-advisoryx_refsource_FEDORA
- security.gentoo.org/glsa/202107-43mitrevendor-advisoryx_refsource_GENTOO
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
News mentions
0No linked articles in our index yet.