vulnerability

Red Hat OpenShift: CVE-2021-20319: coreos-installer: incorrect signature verification on gzip-compressed install images

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:P/I:P/A:P)	Oct 28, 2021	Oct 28, 2021	Aug 11, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Oct 28, 2021

Added

Oct 28, 2021

Modified

Aug 11, 2025

Description

An improper signature verification vulnerability was found in coreos-installer. A specially crafted gzip installation image can bypass the image signature verification and as a consequence can lead to the installation of unsigned content. An attacker able to modify the original installation image can write arbitrary data, and achieve full access to the node being installed.

Solution

linuxrpm-upgrade-coreos-installer

References

CVE-2021-20319
https://attackerkb.com/topics/CVE-2021-20319
CWE-347
REDHAT-RHSA-2021:3926
REDHAT-RHSA-2021:3930
REDHAT-RHSA-2021:3934
REDHAT-RHSA-2021:4008

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today