uutils coreutils TOCTOU Race Condition Vulnerability in Install Utility Allows Overwriting of System Files

Vulnerability

A TOCTOU (Time-of-Check to Time-of-Use) race condition vulnerability has been identified in the install utility of uutils coreutils version 0.6.0. The issue arises during file installation: the utility unlinks an existing destination file and then recreates it by path without the O_EXCL flag. Between the unlink and the recreate there is a window in which a local attacker can place a symbolic link at the destination path; the subsequent privileged open follows the link, so the write lands on an arbitrary system file instead of the intended destination.
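A hardened install step, added here as an example (this is not the uutils code or its actual fix): rather than unlinking the destination and reopening it by name, it creates a fresh file in the destination directory with create_new (O_CREAT|O_EXCL), so a pre-existing entry at that name causes an error instead of being followed, and then renames the finished file over the destination, which swaps the directory entry without following a symlink planted there. The names install_atomic and is_regular_file are assumptions.

```rust
use std::fs::{self, OpenOptions};
use std::io::{self, Write};
use std::os::unix::fs::OpenOptionsExt;
use std::path::Path;

/// Install `contents` at `dest` with permission bits `mode` without ever
/// opening `dest` itself for writing. A temp file is created in the
/// destination directory with create_new (O_CREAT|O_EXCL): if anything,
/// including a planted symlink, already sits at the temp name the open fails
/// instead of following it. The finished file is then renamed over `dest`;
/// rename replaces the directory entry and does not follow a symlink at it.
/// Added example (not uutils code); `install_atomic` is a hypothetical name.
pub fn install_atomic(contents: &[u8], mode: u32, dest: &Path) -> io::Result<()> {
    let dir = match dest.parent() {
        Some(p) if !p.as_os_str().is_empty() => p,
        _ => Path::new("."),
    };
    let name = dest
        .file_name()
        .ok_or_else(|| io::Error::new(io::ErrorKind::InvalidInput, "destination has no file name"))?;
    // Try a few candidate temp names; create_new refuses any pre-existing entry.
    for attempt in 0..16u32 {
        let tmp = dir.join(format!(".{}.{}.{}.tmp", name.to_string_lossy(), std::process::id(), attempt));
        let mut file = match OpenOptions::new().write(true).create_new(true).mode(mode).open(&tmp) {
            Ok(f) => f,
            Err(e) if e.kind() == io::ErrorKind::AlreadyExists => continue,
            Err(e) => return Err(e),
        };
        // Write and flush to disk before the rename makes the file visible.
        let result = file.write_all(contents).and_then(|_| file.sync_all());
        drop(file);
        if let Err(e) = result {
            let _ = fs::remove_file(&tmp);
            return Err(e);
        }
        if let Err(e) = fs::rename(&tmp, dest) {
            let _ = fs::remove_file(&tmp);
            return Err(e);
        }
        return Ok(());
    }
    Err(io::Error::new(io::ErrorKind::AlreadyExists, "no free temp name in destination directory"))
}

/// True when the entry at `path` is a regular file rather than a symlink
/// (symlink_metadata does not follow links). Useful as a post-install check.
pub fn is_regular_file(path: &Path) -> bool {
    fs::symlink_metadata(path).map(|m| m.file_type().is_file()).unwrap_or(false)
}
```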

Impact

Exploitation of this vulnerability allows unauthorized overwriting of system files, potentially leading to system instability or privilege escalation.

Reproduction

The vulnerability can be reproduced with the 'install' command from uutils coreutils 0.6.0. The command must be run so that the target file is replaced by a symbolic link after the unlink but before the file is recreated, taking advantage of the absence of the O_EXCL flag.

Remediation

Users can update to uutils coreutils version 0.6.0 or later, where this vulnerability has been addressed.

Added: Apr 22, 2026, 6:07 PM
Updated: Apr 22, 2026, 6:07 PM

Vulnerability Rating

Custom Algorithm

spread: 8.4
impact: 3.1
exploitability: 3.2
remediation: 7.7
relevance: 6.5
threat: 1.6
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.