CVE-2005-4889 — RPM vulnerability

CWE-2648 documents7 sources

Severity

7.2HIGHNVD

EPSS

0.0%

top 85.71%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

RPM Debian RPM

Timeline

PublishedJun 8

Latest updateMay 1

Description

lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of an executable file during deletion of the file in an RPM package removal, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid or (2) setgid file, a related issue to CVE-2010-2059.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages3 packages

▶debiandebian/rpm< rpm 4.7.0-1 (bookworm)

▶Debianrpm/rpm< 4.7.0-1+3

▶NVDrpm/rpm4.4.2.3+86

Patches

Patch: distrib-coffee.ipsl.jussieu.fr ↗Patch: distrib-coffee.ipsl.jussieu.fr ↗

🔴Vulnerability Details

GHSA

GHSA-pfqv-vjx4-pmxj: lib/fsm↗2022-05-01

▶

OSV

CVE-2005-4889: lib/fsm↗2010-06-08

▶

CVEList

CVE-2005-4889: lib/fsm↗2010-06-08

▶

📋Vendor Advisories

Red Hat

rpm: fails to drop SUID/SGID bits on package removal↗2010-06-01

▶

Debian

CVE-2005-4889: rpm - lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of an executa...↗2005

▶

💬Community

Bugzilla

CVE-2005-4889 rpm: fails to drop SUID/SGID bits on package removal↗2010-08-20

▶

Bugzilla

CVE-2005-4889 rpm: Updates leave hardlinked copies untouched.↗2004-06-08

▶