CVE-2021-20197 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	Medium
Remote	No
Type	Arbitrary filesystem access
Description	There is an open race window when writing output in the following utilities in GNU binutils: ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink. The issue was fixed in binutils version 2.36, but subsequently the fix was partly reverted in version 2.36.1 because it was causing issues with the file archiver "ar".

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-1540	binutils	2.36.1-2		Medium	Vulnerable

References
https://sourceware.org/bugzilla/show_bug.cgi?id=26945 https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=365f5fb6d0f0da83817431a275e99e6f6babbe04 https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=1a1c3b4cc17687091cff5a368bd6f13742bcfdf8 https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=014cc7f849e8209623fc99264814bce7b3b6faf2 https://sourceware.org/pipermail/binutils/2021-February/115240.html https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=355e5f2ffbc0db0c6db77586d879553b72958187

References

https://sourceware.org/bugzilla/show_bug.cgi?id=26945
https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=365f5fb6d0f0da83817431a275e99e6f6babbe04
https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=1a1c3b4cc17687091cff5a368bd6f13742bcfdf8
https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=014cc7f849e8209623fc99264814bce7b3b6faf2
https://sourceware.org/pipermail/binutils/2021-February/115240.html
https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=355e5f2ffbc0db0c6db77586d879553b72958187