CVE-2021-20197

Publication date 26 March 2021

Last updated 24 July 2024


Ubuntu priority

Cvss 3 Severity Score

6.3 · Medium

Score breakdown

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink.

Read the notes from the security team

Status

Package Ubuntu Release Status
binutils 22.04 LTS jammy
Not affected
21.10 impish
Not affected
21.04 hirsute
Not affected
20.10 groovy Ignored end of life
20.04 LTS focal Ignored
18.04 LTS bionic Ignored
16.04 LTS xenial Ignored
14.04 LTS trusty Ignored

Notes


mdeslaur

commits below are from 2.36 branch. At some point, commits were reverted and then reinstated later on. The list below doesn't include the added and reverted commits. These changes are quite intrusive to backport, are regression- prone and may introduce regressions in other packages. For this reason we will not be fixing this issue in stable releases.

Severity score breakdown

Parameter Value
Base score 6.3 · Medium
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact None
Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N