Vulnerabilities > CVE-2021-20197
Attack vector
LOCAL Attack complexity
HIGH Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
NONE Summary
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink.
Vulnerable Configurations
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1913743
- https://bugzilla.redhat.com/show_bug.cgi?id=1913743
- https://security.gentoo.org/glsa/202208-30
- https://security.gentoo.org/glsa/202208-30
- https://security.netapp.com/advisory/ntap-20210528-0009/
- https://security.netapp.com/advisory/ntap-20210528-0009/
- https://sourceware.org/bugzilla/show_bug.cgi?id=26945
- https://sourceware.org/bugzilla/show_bug.cgi?id=26945