The `std::fs::remove_dir_all` standard library function is vulnerable to a race condition enabling symlink following. An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete.
Created rust tracking bugs for this issue: Affects: epel-7 [bug 2043031] Affects: fedora-all [bug 2043030]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1894 https://access.redhat.com/errata/RHSA-2022:1894
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-21658