CVE & CISA-KEV Catalog

CVE-2022-21658

Severity: HIGH (CVSS v3 base score 7.3, source: NVD)

Description

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable to a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affected by this vulnerability, with 1.58.1 containing a patch. Note that the following build targets don't have usable APIs to properly mitigate the attack, and are thus still vulnerable even with a patched toolchain: macOS before version 10.10 (Yosemite) and REDOX. We recommend everyone to update to Rust 1.58.1 as soon as possible, especially people developing programs expected to run in privileged contexts (including system daemons and setuid binaries), as those have the highest risk of being affected by this. Note that adding checks in your codebase before calling remove_dir_all will not mitigate the vulnerability, as they would also be vulnerable to race conditions like remove_dir_all itself. The existing mitigation is working as intended outside of race conditions.

How to fix

Remediation available

Package: rustc (Debian)
Fixed in: 1.57.0+dfsg1-1 (CVE-2022-21658)

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed

Impact

Confidentiality: None
Integrity: Low
Availability: High

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H

Exploit Intelligence

EPSS: 1.38% probability of exploitation in 30 days
EPSS percentile: 69th

Moderate risk: more likely to be exploited than 69% of all known CVEs.

References



This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.