523 matches found
Duplicate Advisory: uutils coreutils has a Link Following Issue Via rm Utility
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7cr3-h577-g38j. This link is maintained to preserve external references. Original Description A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The...
uutils coreutils has an Unchecked Return Value Issue
The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok on truncation attempts. While intended to mimic GNU behavior for special files like /dev/null, the uutils implementation also hides failures on regular files and directorie...
uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the mv utility of uutils coreutils during cross-device moves. The extended attribute xattr preservation logic uses multiple path-based system calls that perform fresh path-to-inode lookups for each operation. A local attacker with writ...
uutils coreutils has an Untrusted Search Path
A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam after entering the chroot but before dropping root privileges. On glibc-based systems, this can trigger the Name Service Switch NSS to load...
uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
The touch utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during file creation. When the utility identifies a missing path, it later attempts creation using File::create, which internally uses OTRUNC. An attacker can exploit this window to create ...
GHSA-V762-X3CF-5MFG Duplicate Advisory: uutils coreutils has a Link Following Issue Via rm Utility
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-7cr3-h577-g38j. This link is maintained to preserve external references. Original Description A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The...
GHSA-GGC5-46RG-MR4V Duplicate Advisory: uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w6xc-g9qj-vp32. This link is maintained to preserve external references. Original Description The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU...
GHSA-79RC-QPW3-JV92 Duplicate Advisory: uutils coreutils has an Improper Preservation of Permissions issue
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r9hw-mj3w-phcq. This link is maintained to preserve external references. Original Description The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before...
GHSA-67HP-F6HQ-2H6G Duplicate Advisory: uutils coreutils Uses Incorrectly-Resolved Name or Reference
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-8vrf-r662-2w2v. This link is maintained to preserve external references. Original Description The cp utility in uutils coreutils, when performing recursive copies -R, incorrectly treats character and block devic...
GHSA-7259-CWHX-3XX3 Duplicate Advisory: uutils coreutils has an Improper Check for Unusual or Exceptional Conditions
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-p7h3-7q52-72w8. This link is maintained to preserve external references. Original Description The printenv utility in uutils coreutils fails to display environment variables containing invalid UTF-8 byte...
uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
A Time-of-Check to Time-of-Use TOCTOU race condition exists in the mv utility of uutils coreutils during cross-device operations. The utility removes the destination path before recreating it through a copy operation. A local attacker with write access to the destination directory can exploit thi...
Duplicate Advisory: uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-w6xc-g9qj-vp32. This link is maintained to preserve external references. Original Description The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU...
GHSA-GPCG-H6X2-C26P Duplicate Advisory: uutils coreutils has an Improper Input Validation issue
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-p6rv-2qpm-fwvg. This link is maintained to preserve external references. Original Description An argument parsing error in the kill utility of uutils coreutils incorrectly interprets kill -1 as a request to send...
Duplicate Advisory: uutils coreutils has an Improper Input Validation issue
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-p6rv-2qpm-fwvg. This link is maintained to preserve external references. Original Description An argument parsing error in the kill utility of uutils coreutils incorrectly interprets kill -1 as a request to send...
GHSA-M26V-HJQ3-X245 Duplicate Advisory: uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-gwm6-q8ch-hcfr. This link is maintained to preserve external references. Original Description A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the install utility of uutils coreutils when using the ...
GHSA-V24V-F45G-W7JF Duplicate Advisory: uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-239g-2685-54x3. This link is maintained to preserve external references. Original Description The install utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition during...
Duplicate Advisory: uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-gwm6-q8ch-hcfr. This link is maintained to preserve external references. Original Description A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the install utility of uutils coreutils when using the ...
Duplicate Advisory: uutils coreutils has a Path Traversal issue
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-89p7-7cq3-hhr2. This link is maintained to preserve external references. Original Description A vulnerability in the rm utility of uutils coreutils allows the bypass of safeguard mechanisms intended to protect t...
GHSA-VCHC-9GGH-3236 Duplicate Advisory: uutils coreutils has a Path Traversal issue
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-89p7-7cq3-hhr2. This link is maintained to preserve external references. Original Description A vulnerability in the rm utility of uutils coreutils allows the bypass of safeguard mechanisms intended to protect t...
EUVD-2026-24977
A vulnerability in the tail utility of uutils coreutils allows for the exfiltration of sensitive file contents when using the --follow=name option. Unlike GNU tail, the uutils implementation continues to monitor a path after it has been replaced by a symbolic link, subsequently outputting the...