EUVD-2026-24969
GHSA-w8m4-4v35-v6x3
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
1DescriptionNVD
A vulnerability in uutils coreutils mkfifo allows for the unauthorized modification of permissions on existing files. When mkfifo fails to create a FIFO because a file already exists at the target path, it fails to terminate the operation for that path and continues to execute a follow-up set_permissions call. This results in the existing file's permissions being changed to the default mode (often 644 after umask), potentially exposing sensitive files such as SSH private keys to other users on the system.
AnalysisAI
Local privilege escalation in uutils coreutils mkfifo allows authenticated users to downgrade permissions on arbitrary files to world-readable mode. When mkfifo attempts to create a FIFO at a path where a file already exists, it erroneously continues execution and calls set_permissions on the existing file, changing its mode to default (typically 644 after umask). …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Identify all systems running uutils coreutils and document versions in use via package managers (apt, rpm, cargo, brew); audit file permissions on sensitive files (~/.ssh/, application config directories) for overly permissive access. Within 7 days: Implement file permission monitoring and restrict local user accounts where feasible; apply principle of least privilege to mkfifo command execution. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today