Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/05/11 6:39 p.m.12 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

6.4CVSS7.2AI score0.00292EPSS
Exploits0References8
OSV
OSV
added 2026/04/13 5:43 a.m.7 views

BIT-GOLANG-2026-32282 TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix

On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the ATSYMLINKNOFOLLOW flag, which Root.Chmod uses to...

6.4CVSS5.8AI score0.00292EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/13 12:0 a.m.6 views

PT-2026-32421

On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT SYMLINK NOFOLLOW flag, which Root.Chmod uses to...

6.4CVSS5.8AI score0.00292EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/04/09 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-32282

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even...

6.4CVSS6.9AI score0.00292EPSS
Exploits0References4
Rows per page
Query Builder