25 matches found
EUVD-2026-36638
A race condition was found in the abrt-dbus D-Bus service's ChownProblemDir method. ChownProblemDir opens the dump directory with DDOPENREADONLY and calls ddchown to change ownership of all files to the caller's uid, succeeding even while post-create event handlers hold a write lock. This allows ...
uutils coreutils has an Incorrect Check of Function Return Value
A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownershi...
uutils coreutils 安全漏洞
uutils coreutils is a cross-platform core command-line toolset developed by Uutils Open Source. There is a security vulnerability in uutils coreutils, which stems from defects in the ChownExecutor used for chown and chgrp operations. This causes the utility to return an incorrect exit code during...
UBUNTU-CVE-2025-40355
In the Linux kernel, the following vulnerability has been resolved: sysfs: check visibility before changing group attribute ownership Since commit 0c17270f9b92 "net: sysfs: Implement isvisible for physportid, portname, switchid", devchangenetnamespace can hit WARNON when trying to change owner of...
EUVD-2006-0589
Malware in sbrugna...
nodejs: fs.fchown/fchmod bypasses permission model
A flaw was found in Node.js, affecting users of the experimental permission model when the --allow-fs-write flag is used. The Node.js Permission Model does not operate on file descriptors. However, operations such as fs.fchown or fs.fchmod can use a "read-only" file descriptor to change the owner...
rpm: races with chown/chmod/capabilities calls during installation
A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system...
CVE-2023-43116
A symbolic link following vulnerability in Buildkite Elastic CI for AWS versions prior to 6.7.1 and 5.22.5 allows the buildkite-agent user to change ownership of arbitrary directories via the PIPELINEPATH variable in the fix-buildkite-agent-builds-permissions script...
SUSE CVE-2006-1057
Race condition in daemon/slave.c in gdm before 2.14.1 allows local users to gain privileges via a symlink attack when gdm performs chown and chgrp operations on the .ICEauthority file...
SUSE CVE-2022-31253
A Untrusted Search Path vulnerability in openldap2 of openSUSE Factory allows local attackers with control of the ldap user or group to change ownership of arbitrary directory entries to this user/group, leading to escalation to root. This issue affects: openSUSE Factory openldap2 versions prior ...
[H-01] owner not set in Pool.sol
Lines of code Vulnerability details The pool.sol contract here is an UUPSUpgradeable contract. But there is no initialize function where Ownableinit is called , due to which owner is 0x0. It would be impossible to call authorizeUpgrade or change ownership of the contract. POC Adding the following...
CVE-2015-3150
abrt-dbus in Automatic Bug Reporting Tool ABRT allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the 1 ChownProblemDir, 2 DeleteElement, or 3 DeleteProblem method...
PT-2020-7832 · Abrt +2 · Abrt +2
Name of the Vulnerable Software and Affected Versions: ABRT affected versions not specified Description: A directory traversal issue in abrt-dbus within the Automatic Bug Reporting Tool ABRT allows local users to read, write to, or change ownership of arbitrary files. This can be achieved via...
CVE-2015-2851
clientchown in the sync client in Synology Cloud Station 1.1-2291 through 3.1-3320 on OS X allows local users to change the ownership of arbitrary files, and consequently obtain root access, by specifying a filename...
UBUNTU-CVE-2015-3339
Race condition in the preparebinprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped...
CVE-2013-1976
Removed by vendor...
tomcat: Improper TOMCAT_LOG management in init script (DoS, ACE)
The 1 tomcat5, 2 tomcat6, and 3 tomcat7 init scripts, as used in the RPM distribution of Tomcat for JBoss Enterprise Web Server 1.0.2 and 2.0.0, and Red Hat Enterprise Linux 5 and 6, allow local users to change the ownership of arbitrary files via a symlink attack on a tomcat5-initd.log, b...
CVE-2011-4105
LightDM before 1.0.6 allows local users to change ownership of arbitrary files via a symlink attack on /.Xauthority...
GLSA-201006-08 : nano: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201006-08 nano: Multiple vulnerabilities Multiple race condition vulnerabilities have been discovered in nano. For further information please consult the CVE entries referenced below. Impact : Under certain conditions, a local,...
CVE-2010-1161
Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files...