gnu binutils CVE-2021-20197 vulnerability in GNU and Other Products
Published on March 26, 2021

product logo product logo product logo product logo
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink.

Vendor Advisory NVD

Vulnerability Analysis

CVE-2021-20197 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.

Attack Vector:
LOCAL
Attack Complexity:
HIGH
Privileges Required:
LOW
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
HIGH
Availability Impact:
NONE

Weakness Type

What is an insecure temporary file Vulnerability?

The software attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

CVE-2021-20197 has been classified to as an insecure temporary file vulnerability or weakness.


Products Associated with CVE-2021-20197

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-20197 are published in these products:

GNU Binutils
 
Red Hat Enterprise Linux (RHEL)
 
NetApp Cloud Backup
 
NetApp Ontap Select Deploy Administration Utility
 
NetApp Solidfire Hci Management Node
 
Broadcom Brocade Fabric Operating System Firmware
 

Exploit Probability

EPSS
0.12%
Percentile
30.69%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.