RedHat rpm CVE-2021-20271 Integrity Check Bypass Vulnerability

description-logoDescription

The RPM Package Manager (RPM) is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Security Fix(es): rpm: Signature checks bypass via corrupted rpm package (CVE-2021-20271) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. SolutionFor details on how to apply this update, which includes the changes described in this advisory, refer to:https://access.redhat.com/articles/11258 All running applications linked against the RPM library must be restarted for this update to take effect.

affected-products-logoAffected Applications

rpm

CVE References

CVE-2021-20271