An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2022-08-23T00:00:00
Updated: 2024-08-03T19:05:55.631Z
Reserved: 2021-12-16T00:00:00
Link: CVE-2021-23177
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-08-23T16:15:09.280
Modified: 2022-12-03T14:16:24.723
Link: CVE-2021-23177
Redhat