CVE-2017-18018

Published: 1/4/2018 Last updated: 6/9/2025 Reserved: 1/3/2018

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Metrics

Version	Score	Severity	Vector String
3.1	7.1	High	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Opam packages affected (5)

conf-timeout fstar karamel kremlin liquidsoap

Products affected (1)

Product	Vendor	Version
n/a	n/a	17.3.1z

References (2)

http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html
http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html