CLSA-2024-1708417063

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2024-1708417063

Upstream

CVE-2021-35937

CVE-2021-35938

CVE-2021-35939

Published

2024-02-20T08:17:46Z

Modified

2026-06-01T00:30:16.572336069Z

Summary

rpm: Fix of 3 CVEs

Details

CVE-2021-35937: fix a possible privilege escalation through a symlink check race condition
CVE-2021-35938: fix a possible privilege escalation using a symlink to a security-critical file
CVE-2021-35939: fix a possible privilege escalation using a symlink as a destination path

References

https://errata.tuxcare.com/almalinux9.2-esu/CLSA-2024-1708417063.html

Affected packages

TuxCare:AlmaLinux:9.2

python3-rpm

Package

Name: python3-rpm
Purl: pkg:rpm/tuxcare/python3-rpm?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm

Package

Name: rpm
Purl: pkg:rpm/tuxcare/rpm?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-apidocs

Package

Name: rpm-apidocs
Purl: pkg:rpm/tuxcare/rpm-apidocs?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-build

Package

Name: rpm-build
Purl: pkg:rpm/tuxcare/rpm-build?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-build-libs

Package

Name: rpm-build-libs
Purl: pkg:rpm/tuxcare/rpm-build-libs?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-cron

Package

Name: rpm-cron
Purl: pkg:rpm/tuxcare/rpm-cron?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-devel

Package

Name: rpm-devel
Purl: pkg:rpm/tuxcare/rpm-devel?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-libs

Package

Name: rpm-libs
Purl: pkg:rpm/tuxcare/rpm-libs?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-plugin-audit

Package

Name: rpm-plugin-audit
Purl: pkg:rpm/tuxcare/rpm-plugin-audit?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-plugin-fapolicyd

Package

Name: rpm-plugin-fapolicyd
Purl: pkg:rpm/tuxcare/rpm-plugin-fapolicyd?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-plugin-ima

Package

Name: rpm-plugin-ima
Purl: pkg:rpm/tuxcare/rpm-plugin-ima?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-plugin-prioreset

Package

Name: rpm-plugin-prioreset
Purl: pkg:rpm/tuxcare/rpm-plugin-prioreset?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-plugin-selinux

Package

Name: rpm-plugin-selinux
Purl: pkg:rpm/tuxcare/rpm-plugin-selinux?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-plugin-syslog

Package

Name: rpm-plugin-syslog
Purl: pkg:rpm/tuxcare/rpm-plugin-syslog?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-plugin-systemd-inhibit

Package

Name: rpm-plugin-systemd-inhibit
Purl: pkg:rpm/tuxcare/rpm-plugin-systemd-inhibit?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-sign

Package

Name: rpm-sign
Purl: pkg:rpm/tuxcare/rpm-sign?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"

rpm-sign-libs

Package

Name: rpm-sign-libs
Purl: pkg:rpm/tuxcare/rpm-sign-libs?distro=almalinux-9.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.16.1.3-22.el9.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2024-1708417063.json"