uutils coreutils EUVD-2026-24992

| CVE-2026-35355 MEDIUM
Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367)
2026-04-22 canonical GHSA-v24v-f45g-w7jf
Information Disclosure
6.3
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
Apr 23, 2026 - 07:05 vuln.today

DescriptionNVD

The install utility in uutils coreutils is vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition during file installation. The implementation unlinks an existing destination file and then recreates it using a path-based operation without the O_EXCL flag. A local attacker can exploit the window between the unlink and the subsequent creation to swap the path with a symbolic link, allowing them to redirect privileged writes to overwrite arbitrary system files.

AnalysisAI

Time-of-Check to Time-of-Use (TOCTOU) race condition in uutils coreutils install utility allows local authenticated attackers to redirect privileged file writes to arbitrary system locations via symbolic link swapping. By exploiting the window between file unlinking and recreation, an attacker with local access and low privileges can overwrite critical system files when the install command runs with elevated privileges, achieving both integrity compromise and denial of service.

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

EUVD-2026-24992 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy