uutils coreutils TOCTOU Vulnerability in Install Utility Allowing Arbitrary File Write
Vulnerability
A Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the install utility of uutils coreutils, specifically in version 0.7.0. The issue arises when the -D flag is used, as the command creates parent directories and then performs a second path resolution to create the target file. Neither of these operations is anchored to a directory file descriptor, allowing an attacker with concurrent write access to replace a path component with a symbolic link. This could redirect the privileged write to an arbitrary location in the file system.
Impact
Exploitation of this vulnerability could lead to unauthorized writing of files in privileged contexts, potentially overwriting critical system files or injecting malicious payloads.
Remediation
Users can update to uutils coreutils version 0.7.0 or later, where this vulnerability has been fixed.
