Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory.
History
13 Feb 2023, 00:29
Type | Values Removed | Values Added |
---|---|---|
References | | |
Summary | Race condition in RPM 4.11.1 and earlier allows remote attackers to execute arbitrary code via a crafted RPM file whose installation extracts the contents to temporary files before validating the signature, as demonstrated by installing a file in the /etc/cron.d directory. |
02 Feb 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
Summary | It was found that RPM wrote file contents to the target installation directory under a temporary name, and verified its cryptographic signature only after the temporary file has been written completely. Under certain conditions, the system interprets the unverified temporary file contents and extracts commands from it. This could allow an attacker to modify signed RPM files in such a way that they would execute code chosen by the attacker during package installation. | |
References | | |
Information
Published : 2014-12-16 18:59
Updated : 2023-12-10 11:31
NVD link : CVE-2013-6435
Mitre link : CVE-2013-6435
CVE.ORG link : CVE-2013-6435
Products Affected
debian
- debian_linux
rpm
- rpm
CWE
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')