CLSA-2022-1671124065

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2022-1671124065
Upstream
Published
2022-12-15T17:07:45Z
Modified
2026-06-01T00:33:21.757420594Z
Summary
rpm: Fix of 2 CVEs
Details
  • CVE-2021-35939: validate intermediate symlinks during installation
  • CVE-2021-35938: set file metadata via fd-based ops for everything but symlinks
  • Fix file descriptor leak recently introduced in rpmPackageFilesInstall()
References

Affected packages

TuxCare:CentOS:8.5
python3-rpm

Package

Name
python3-rpm
Purl
pkg:rpm/tuxcare/python3-rpm?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"
rpm

Package

Name
rpm
Purl
pkg:rpm/tuxcare/rpm?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"
rpm-apidocs

Package

Name
rpm-apidocs
Purl
pkg:rpm/tuxcare/rpm-apidocs?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"
rpm-build

Package

Name
rpm-build
Purl
pkg:rpm/tuxcare/rpm-build?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"
rpm-build-libs

Package

Name
rpm-build-libs
Purl
pkg:rpm/tuxcare/rpm-build-libs?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"
rpm-cron

Package

Name
rpm-cron
Purl
pkg:rpm/tuxcare/rpm-cron?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"
rpm-devel

Package

Name
rpm-devel
Purl
pkg:rpm/tuxcare/rpm-devel?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"
rpm-libs

Package

Name
rpm-libs
Purl
pkg:rpm/tuxcare/rpm-libs?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"
rpm-plugin-fapolicyd

Package

Name
rpm-plugin-fapolicyd
Purl
pkg:rpm/tuxcare/rpm-plugin-fapolicyd?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"
rpm-plugin-ima

Package

Name
rpm-plugin-ima
Purl
pkg:rpm/tuxcare/rpm-plugin-ima?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"
rpm-plugin-prioreset

Package

Name
rpm-plugin-prioreset
Purl
pkg:rpm/tuxcare/rpm-plugin-prioreset?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"
rpm-plugin-selinux

Package

Name
rpm-plugin-selinux
Purl
pkg:rpm/tuxcare/rpm-plugin-selinux?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"
rpm-plugin-syslog

Package

Name
rpm-plugin-syslog
Purl
pkg:rpm/tuxcare/rpm-plugin-syslog?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"
rpm-plugin-systemd-inhibit

Package

Name
rpm-plugin-systemd-inhibit
Purl
pkg:rpm/tuxcare/rpm-plugin-systemd-inhibit?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"
rpm-sign

Package

Name
rpm-sign
Purl
pkg:rpm/tuxcare/rpm-sign?distro=centos-8.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.14.3-19.el8_5.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos8.5els/CLSA-2022-1671124065.json"