Lucene search
K

13 matches found

OSV
OSV
added 2026/04/22 6:31 p.m.5 views

GHSA-X4MC-MQM7-GG39 uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute xattr preservation logic uses multiple path-based system calls that perform fresh path-to-inode lookups for each operation. A local attacker with writ...

4.7CVSS5.8AI score0.00091EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/22 6:31 p.m.8 views

EUVD-2026-24990

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute xattr preservation logic uses multiple path-based system calls that perform fresh path-to-inode lookups for each operation. A local attacker with writ...

4.7CVSS5.8AI score0.00091EPSS
Exploits1References2
NVD
NVD
added 2026/04/22 5:16 p.m.6 views

CVE-2026-35376

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the chcon utility of uutils coreutils during recursive operations. The implementation resolves recursive targets using a fresh path lookup via ftsaccpath rather than binding the traversal and label application to the specific directory...

5.8CVSS0.00088EPSS
Exploits0References2
NVD
NVD
added 2026/04/22 5:16 p.m.7 views

CVE-2026-35354

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute xattr preservation logic uses multiple path-based system calls that perform fresh path-to-inode lookups for each operation. A local attacker with writ...

4.7CVSS0.00091EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/22 4:8 p.m.30 views

CVE-2026-35354 uutils coreutils mv Security Xattr TOCTOU Race in Cross-Device

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute xattr preservation logic uses multiple path-based system calls that perform fresh path-to-inode lookups for each operation. A local attacker with writ...

4.7CVSS0.00091EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.5 views

PT-2026-34490

A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute xattr preservation logic uses multiple path-based system calls that perform fresh path-to-inode lookups for each operation. A local attacker with writ...

4.7CVSS5.8AI score0.00091EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-35376

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the chcon utility of uutils coreutils during recursive operations. The implementation resolves...

5.8CVSS5.5AI score0.00088EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2026/03/12 9:1 p.m.8 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS7.3AI score0.00523EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/12/18 4:34 a.m.6 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00523EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2025/11/11 3:7 p.m.7 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5CVSS6.6AI score0.00523EPSS
Exploits1References6
Ubuntu
Ubuntu
added 2022/05/02 5:1 p.m.117 views

USN-5399-1: libvirt vulnerabilities

It was discovered that libvirt incorrectly handled certain locking operations. A local attacker could possibly use this issue to cause libvirt to stop accepting connections, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2021-3667 It was discovered that libvirt...

7.2CVSS6.5AI score0.01366EPSS
Exploits1
OSV
OSV
added 2022/03/02 11:15 p.m.4 views

UBUNTU-CVE-2021-3631

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality a...

6.3CVSS6.8AI score0.00493EPSS
Exploits1References3
Oracle linux
Oracle linux
added 2017/01/13 12:0 a.m.168 views

docker-engine docker-engine-selinux security and bugfix update

1.12.6-1.0.1 - Enable configuration of Docker daemon via sysconfig orabug 21804877 - Require UEK4 for docker 1.9 orabug 22235639 22235645 - Add docker.conf for prelink orabug 25147708 1.12.6 - the systemd unit file /usr/lib/systemd/system/docker.service contains local changes, or - a systemd...

7.5CVSS7.1AI score0.02731EPSS
Exploits0
Rows per page
Query Builder