Vulnerability Name: | CVE-2021-28153 (CCN-198147) | ||||||||||||||||||||||||||||||||||||
Assigned: | 2020-11-17 | ||||||||||||||||||||||||||||||||||||
Published: | 2020-11-17 | ||||||||||||||||||||||||||||||||||||
Updated: | 2022-06-06 | ||||||||||||||||||||||||||||||||||||
Summary: | An issue was discovered in GNOME GLib before 2.66.8. When g_file_replace() is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled. (If the path is a symlink to a file that already exists, then the contents of that file correctly remain unchanged.) | ||||||||||||||||||||||||||||||||||||
CVSS v3 Severity: | 5.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) 4.6 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
4.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C)
4.6 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C)
| ||||||||||||||||||||||||||||||||||||
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||||||||||||||||||||||||||||||
Vulnerability Type: | CWE-59 | ||||||||||||||||||||||||||||||||||||
Vulnerability Consequences: | Bypass Security | ||||||||||||||||||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2021-28153 Source: XF Type: UNKNOWN gnome-cve202128153-sec-bypass(198147) Source: CCN Type: GNOME GIT Repository file-roller symlink attack Source: MISC Type: Exploit, Issue Tracking, Patch, Vendor Advisory https://gitlab.gnome.org/GNOME/glib/-/issues/2325 Source: MLIST Type: UNKNOWN [debian-lts-announce] 20220606 [SECURITY] [DLA 3044-1] glib2.0 security update Source: FEDORA Type: Mailing List, Third Party Advisory FEDORA-2021-a1f51fc418 Source: FEDORA Type: Mailing List, Third Party Advisory FEDORA-2021-5c81cb03d0 Source: GENTOO Type: Third Party Advisory GLSA-202107-13 Source: CONFIRM Type: Third Party Advisory https://security.netapp.com/advisory/ntap-20210416-0003/ Source: CCN Type: IBM Security Bulletin 6541298 (Cloud Pak for Automation) Multiple security vulnerabilities fixed in Cloud Pak for Automation components Source: CCN Type: IBM Security Bulletin 6551876 (Cloud Pak for Security) Cloud Pak for Security uses packages that are vulnerable to multiple CVEs Source: CCN Type: IBM Security Bulletin 6574787 (QRadar SIEM) IBM QRadar SIEM is vulnerable to using components with Known Vulnerabilities | ||||||||||||||||||||||||||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Configuration RedHat 1: Configuration RedHat 2: Configuration RedHat 3: Configuration RedHat 4: Configuration RedHat 5: Configuration RedHat 6: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||
BACK |