Lucene search
+L

7 matches found

osv
osv
added 2026/04/22 6:31 p.m.11 views

GHSA-9GH9-HWPR-RVQQ uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition

A Time-of-Check to Time-of-Use TOCTOU race condition exists in the mkfifo utility of uutils coreutils. The utility creates a FIFO and then performs a path-based chmod to set permissions. A local attacker with write access to the parent directory can swap the newly created FIFO for a symbolic link...

7CVSS5.9AI score0.00147EPSS
Exploits1References6
euvd
euvd
added 2026/04/22 6:31 p.m.5 views

EUVD-2026-24986

A Time-of-Check to Time-of-Use TOCTOU race condition exists in the mkfifo utility of uutils coreutils. The utility creates a FIFO and then performs a path-based chmod to set permissions. A local attacker with write access to the parent directory can swap the newly created FIFO for a symbolic link...

7CVSS5.9AI score0.00147EPSS
Exploits1References2
ubuntucve
ubuntucve
added 2026/04/22 5:16 p.m.13 views

CVE-2026-35341

A vulnerability in uutils coreutils mkfifo allows for the unauthorized modification of permissions on existing files. When mkfifo fails to create a FIFO because a file already exists at the target path, it fails to terminate the operation for that path and continues to execute a follow-up...

7.1CVSS5.9AI score0.00165EPSS
Exploits1References2
vulnrichment
vulnrichment
added 2026/04/22 4:8 p.m.8 views

CVE-2026-35352 uutils coreutils mkfifo Privilege Escalation via TOCTOU Race Condition

A Time-of-Check to Time-of-Use TOCTOU race condition exists in the mkfifo utility of uutils coreutils. The utility creates a FIFO and then performs a path-based chmod to set permissions. A local attacker with write access to the parent directory can swap the newly created FIFO for a symbolic link...

7CVSS5.9AI score0.00147EPSS
Exploits1References1
attackerkb
attackerkb
added 2026/04/22 4:8 p.m.4 views

CVE-2026-35352

A Time-of-Check to Time-of-Use TOCTOU race condition exists in the mkfifo utility of uutils coreutils. The utility creates a FIFO and then performs a path-based chmod to set permissions. A local attacker with write access to the parent directory can swap the newly created FIFO for a symbolic link...

7CVSS5.9AI score0.00147EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2026/04/22 12:0 a.m.6 views

PT-2026-34477

Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description A flaw in the mkfifo utility allows for the unauthorized modification of permissions on existing files. When the utility fails to create a FIFO because a file already exists at the...

7.1CVSS6AI score0.00165EPSS
Exploits1References13
euvd
euvd
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-19924

Malicious code in bioql PyPI...

5.5CVSS6.1AI score0.00459EPSS
Exploits1References4
Rows per page
Query Builder