CVE-2011-3378

Published: Dec 24, 2011Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via an rpm package with crafted headers and offsets that are not properly handled when a package is queried or installed, related to (1) the regionSwab function, (2) the headerLoad function, and (3) multiple functions in rpmio/rpmpgp.c.

Affected (12)

Products: Rpm: Rpm

1 product

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Rpm Rpm	Up to 4.9.1.1
Rpm Rpm	Version 4.4.2.1
Rpm Rpm	Version 4.4.2.2
Rpm Rpm	Version 4.4.2.3
Rpm Rpm	Version 4.4.2.
Rpm Rpm	Version 4.4.2
Rpm Rpm	Version 4.6.0
Rpm Rpm	Version 4.6.1
Rpm Rpm	Version 4.7.0
Rpm Rpm	Version 4.7.1
Rpm Rpm	Version 4.7.2
Rpm Rpm	Version 4.8.0

Related CWEs

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (24)

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00000.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00002.html

Source: secalert@redhat.com

http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=11a7e5d95a8ca8c7d4eaff179094afd8bb74fc3f

Source: secalert@redhat.com

http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=a48f0e20cbe2ababc88b2fc52fb7a281d6fc1656

Source: secalert@redhat.com

http://rpm.org/wiki/Releases/4.9.1.2#Security

Source: secalert@redhat.com

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2011:143

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2011/09/27/3

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2011-1349.html

Source: secalert@redhat.com

Vendor Advisory

http://www.ubuntu.com/usn/USN-1695-1

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=741606

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=741612

Source: secalert@redhat.com

Exploit

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00000.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00002.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=11a7e5d95a8ca8c7d4eaff179094afd8bb74fc3f

Source: af854a3a-2127-422b-91ae-364da2661108

http://rpm.org/gitweb?p=rpm.git%3Ba=commitdiff%3Bh=a48f0e20cbe2ababc88b2fc52fb7a281d6fc1656

Source: af854a3a-2127-422b-91ae-364da2661108

http://rpm.org/wiki/Releases/4.9.1.2#Security

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.mandriva.com/security/advisories?name=MDVSA-2011:143

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2011/09/27/3

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2011-1349.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.ubuntu.com/usn/USN-1695-1

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=741606

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=741612

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

Timeline

No history available yet.