vulnerability

Amazon Linux AMI 2: CVE-2021-3421: Security patch for rpm (ALAS-2021-1689)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	May 19, 2021	Jul 19, 2021	Sep 30, 2022

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

May 19, 2021

Added

Jul 19, 2021

Modified

Sep 30, 2022

Description

A flaw was found in the RPM package in the read functionality. This flaw allows an attacker who can convince a victim to install a seemingly verifiable package or compromise an RPM repository, to cause RPM database corruption. The highest threat from this vulnerability is to data integrity. This flaw affects RPM versions before 4.17.0-alpha.

Solutions

amazon-linux-ami-2-upgrade-python2-rpmamazon-linux-ami-2-upgrade-python3-rpmamazon-linux-ami-2-upgrade-rpmamazon-linux-ami-2-upgrade-rpm-apidocsamazon-linux-ami-2-upgrade-rpm-buildamazon-linux-ami-2-upgrade-rpm-build-libsamazon-linux-ami-2-upgrade-rpm-cronamazon-linux-ami-2-upgrade-rpm-debuginfoamazon-linux-ami-2-upgrade-rpm-develamazon-linux-ami-2-upgrade-rpm-libsamazon-linux-ami-2-upgrade-rpm-plugin-systemd-inhibitamazon-linux-ami-2-upgrade-rpm-sign

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today