Advisories ยป MGASA-2021-0515

Updated arpwatch packages fix security vulnerability

Publication date: 20 Nov 2021
Modification date: 20 Nov 2021
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-25321

Description

A symbolic link (Symlink) following vulnerability in arpwatch allows local
attackers with control of the runtime user to run arpwatch and to escalate
to root upon the next restart of arpwatch. (CVE-2021-25321)

References

SRPMS

8/core