CVE-2022-21658

Time-of-check time-of-use race condition can allow attacker to delete files they do not have access to delete

Reported

January 16, 2022

Issued

January 21, 2022

Package

std

Type

Vulnerability

Categories

file-disclosure

References

https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html

CVSS Score

7.3 HIGH

CVSS Details

Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality Impact: None
Integrity Impact: Low
Availability Impact: High

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H

Patched

>=1.58.1

Affected Functions

Version

std::fs::remove_dir_all

<1.58.1

Description

In the standard library in Rust before 1.58.1, an attacker with unprivileged access to a system could trick a privileged program using std::fs::remove_dir_all into deleting files they don't have access to delete by creating a symlink in a directory that would be removed by a std::fs::remove_dir_all call due to a Time-of-check time-of-use race condition around this function's check for symbolic links. The function should remove the symbolic links rather than recursively deleting the linked file or directory.

Advisory available under CC0-1.0 license.