// For flags

CVE-2011-3378

rpm: crashes and overflows on malformed header

Severity Score

9.3
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c.

RPM v4.4.x hasta v4.9.x, probablemente antes de v4.9.1.2, permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) y posiblemente ejecutar código arbitrario a través de un paquete RPM con cabeceras manipuladas y "offsets" que no son manipulados correctamente cuando un paquete es consultado o instalado, relacionado con (1) la función regionSwab, (2) la función headerLoad, y (3) múltiples funciones en rpmio/rpmpgp.c.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2011-08-30 CVE Reserved
  • 2011-10-03 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • 2024-08-13 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-94: Improper Control of Generation of Code ('Code Injection')
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Rpm
Search vendor "Rpm"
 Rpm
Search vendor "Rpm" for product "Rpm"
 <= 4.9.1.1
Search vendor "Rpm" for product "Rpm" and version " <= 4.9.1.1"
-
Affected
Rpm
Search vendor "Rpm"
 Rpm
Search vendor "Rpm" for product "Rpm"
 4.4.2
Search vendor "Rpm" for product "Rpm" and version "4.4.2"
-
Affected
Rpm
Search vendor "Rpm"
 Rpm
Search vendor "Rpm" for product "Rpm"
 4.4.2.
Search vendor "Rpm" for product "Rpm" and version "4.4.2."
-
Affected
Rpm
Search vendor "Rpm"
 Rpm
Search vendor "Rpm" for product "Rpm"
 4.4.2.1
Search vendor "Rpm" for product "Rpm" and version "4.4.2.1"
-
Affected
Rpm
Search vendor "Rpm"
 Rpm
Search vendor "Rpm" for product "Rpm"
 4.4.2.2
Search vendor "Rpm" for product "Rpm" and version "4.4.2.2"
-
Affected
Rpm
Search vendor "Rpm"
 Rpm
Search vendor "Rpm" for product "Rpm"
 4.4.2.3
Search vendor "Rpm" for product "Rpm" and version "4.4.2.3"
-
Affected
Rpm
Search vendor "Rpm"
 Rpm
Search vendor "Rpm" for product "Rpm"
 4.6.0
Search vendor "Rpm" for product "Rpm" and version "4.6.0"
-
Affected
Rpm
Search vendor "Rpm"
 Rpm
Search vendor "Rpm" for product "Rpm"
 4.6.1
Search vendor "Rpm" for product "Rpm" and version "4.6.1"
-
Affected
Rpm
Search vendor "Rpm"
 Rpm
Search vendor "Rpm" for product "Rpm"
 4.7.0
Search vendor "Rpm" for product "Rpm" and version "4.7.0"
-
Affected
Rpm
Search vendor "Rpm"
 Rpm
Search vendor "Rpm" for product "Rpm"
 4.7.1
Search vendor "Rpm" for product "Rpm" and version "4.7.1"
-
Affected
Rpm
Search vendor "Rpm"
 Rpm
Search vendor "Rpm" for product "Rpm"
 4.7.2
Search vendor "Rpm" for product "Rpm" and version "4.7.2"
-
Affected
Rpm
Search vendor "Rpm"
 Rpm
Search vendor "Rpm" for product "Rpm"
 4.8.0
Search vendor "Rpm" for product "Rpm" and version "4.8.0"
-
Affected