4 matches found
CVE-2026-35354
The CVE concerns the mv utility from uutils coreutils, where a TOCTOU race occurs during cross-device moves. The xattr preservation logic uses several path-based system calls that re-resolve inodes between operations, allowing a local attacker with directory write access to swap files during the ...
PT-2026-34490
A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute (xattr) preservation logic uses multiple path-based system calls that perform fresh path-to-inode lookups for each operation. A local attacker with writ...
Linux Distros Unpatched Vulnerability : CVE-2026-35354
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute xattr...
CVE-2025-68183
CVE-2025-68183 relates to the Linux kernel IMA logic. The issue occurs when both IMA and EVM are in fix mode: the IMA_DIGSIG flag can be cleared when a file’s security attributes are updated (e.g., setting/removing security.xattrs such as security.selinux or security.evm). This can cause a valida...