CVE-2021-3421

Summary

A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.

Affected Software

VendorProductVersion RangeStatus
n/arpmrpm 4.17.0-alphaaffected

Weaknesses

  • CWE-347: CWE-347

ADP Enrichment

CVE Program Container

Additional References

References