vulnerability
Alpine Linux: CVE-2017-18018: Race Condition
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:M/Au:N/C:N/I:P/A:N) | 01/04/2018 | 08/22/2024 | 10/01/2024 |
Severity
2
CVSS
(AV:L/AC:M/Au:N/C:N/I:P/A:N)
Published
01/04/2018
Added
08/22/2024
Modified
10/01/2024
Description
In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.
Solution
alpine-linux-upgrade-coreutils
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.