Vulnerability Name:

CVE-2021-28153 (CCN-198147)

Assigned:2020-11-17
Published:2020-11-17
Updated:2022-06-06
Summary:An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.)
CVSS v3 Severity:5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): High
Availibility (A): None
5.3 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
4.6 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:C/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): Complete
Availibility (A): None
Vulnerability Type:CWE-59
Vulnerability Consequences:Bypass Security
References:Source: MITRE
Type: CNA
CVE-2021-28153

Source: XF
Type: UNKNOWN
gnome-cve202128153-sec-bypass(198147)

Source: CCN
Type: GNOME GIT Repository
file-roller symlink attack

Source: MISC
Type: Exploit, Issue Tracking, Patch, Vendor Advisory
https://gitlab.gnome.org/GNOME/glib/-/issues/2325

Source: MLIST
Type: UNKNOWN
[debian-lts-announce] 20220606 [SECURITY] [DLA 3044-1] glib2.0 security update

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-a1f51fc418

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-5c81cb03d0

Source: GENTOO
Type: Third Party Advisory
GLSA-202107-13

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20210416-0003/

Source: CCN
Type: IBM Security Bulletin 6541298 (Cloud Pak for Automation)
Multiple security vulnerabilities fixed in Cloud Pak for Automation components

Source: CCN
Type: IBM Security Bulletin 6551876 (Cloud Pak for Security)
Cloud Pak for Security uses packages that are vulnerable to multiple CVEs

Source: CCN
Type: IBM Security Bulletin 6574787 (QRadar SIEM)
IBM QRadar SIEM is vulnerable to using components with Known Vulnerabilities

Vulnerable Configuration:Configuration 1:
  • cpe:/a:gnome:glib:*:*:*:*:*:*:*:* (Version < 2.66.8)

    • Configuration 2:
  • cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:8:*:*:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:8::baseos:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/a:redhat:enterprise_linux:9:*:*:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/a:redhat:enterprise_linux:9::crb:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:gnome:glib:2.66.0:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:qradar_security_information_and_event_manager:7.3.3:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:21.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_automation:21.0.2:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4.3:-:*:*:*:*:*:*
  • OR cpe:/a:ibm:cloud_pak_for_security:1.7.2.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.redhat.rhsa:def:20228418
    P
    		RHSA-2022:8418: mingw-glib2 security and bug fix update (Low)
    2022-11-15
    oval:org.opensuse.security:def:42273
    P
    		Security update for glib2 (Low)
    2022-04-28
    oval:org.opensuse.security:def:101601
    P
    		Security update for glib2 (Low)
    2022-04-28
    oval:org.opensuse.security:def:42373
    P
    		Security update for glib2 (Low)
    2022-04-28
    oval:org.opensuse.security:def:870
    P
    		Security update for glib2 (Low)
    2022-04-28
    oval:org.opensuse.security:def:456
    P
    		Security update for glib2 (Low)
    2022-04-28
    oval:org.opensuse.security:def:42179
    P
    		Security update for glib2 (Low)
    2022-04-28
    oval:com.redhat.rhsa:def:20214385
    P
    		RHSA-2021:4385: glib2 security and bug fix update (Moderate)
    2021-11-09
    BACK
    gnome glib *
    fedoraproject fedora 33
    gnome glib 2.66.0
    ibm qradar security information and event manager 7.3.3
    ibm cloud pak for automation 21.0.1
    ibm cloud pak for automation 21.0.2 -
    ibm qradar security information and event manager 7.4.3 -
    ibm cloud pak for security 1.7.2.0