vulnerability
Rocky Linux: CVE-2021-20266: rpm (RLSA-2021-4489)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:N/A:P) | Apr 30, 2021 | Mar 12, 2024 | Aug 13, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:N/A:P)
Published
Apr 30, 2021
Added
Mar 12, 2024
Modified
Aug 13, 2025
Description
A flaw was found in RPM's hdrblobInit() in lib/header.c. This flaw allows an attacker who can modify the rpmdb to cause an out-of-bounds read. The highest threat from this vulnerability is to system availability.
Solutions
rocky-upgrade-python3-rpmrocky-upgrade-python3-rpm-debuginforocky-upgrade-rpmrocky-upgrade-rpm-buildrocky-upgrade-rpm-build-debuginforocky-upgrade-rpm-build-libsrocky-upgrade-rpm-build-libs-debuginforocky-upgrade-rpm-debuginforocky-upgrade-rpm-debugsourcerocky-upgrade-rpm-develrocky-upgrade-rpm-devel-debuginforocky-upgrade-rpm-libsrocky-upgrade-rpm-libs-debuginforocky-upgrade-rpm-plugin-fapolicydrocky-upgrade-rpm-plugin-fapolicyd-debuginforocky-upgrade-rpm-plugin-imarocky-upgrade-rpm-plugin-ima-debuginforocky-upgrade-rpm-plugin-prioresetrocky-upgrade-rpm-plugin-prioreset-debuginforocky-upgrade-rpm-plugin-selinuxrocky-upgrade-rpm-plugin-selinux-debuginforocky-upgrade-rpm-plugin-syslogrocky-upgrade-rpm-plugin-syslog-debuginforocky-upgrade-rpm-plugin-systemd-inhibitrocky-upgrade-rpm-plugin-systemd-inhibit-debuginforocky-upgrade-rpm-signrocky-upgrade-rpm-sign-debuginfo
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.