Security Advisory

CVE-2010-2059

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-06-08 18:00:00

Last updated 2024-08-07 02:17:14

Assigner redhat

State PUBLISHED

Description

lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid or (2) setgid file.

← Browse all CVEs View on cve.org ↗