uutils coreutils split Utility TOCTOU Vulnerability Allowing Unintended File Truncation
Vulnerability
A Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the split utility of uutils coreutils. split tries to prevent data loss by checking, through their paths, that the output file is not the same file as the input, but it then opens the output by path with truncation after that check. A local attacker with write access to the output directory can change what the output path resolves to in the window between the check and the open, for example by replacing a path component with a symbolic link. split then truncates and writes to a file it never checked, which may be the input file itself or any other file writable by the user running split, resulting in permanent data loss.
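The following is an added illustration of the pattern described above, not code from uutils coreutils: a path-based identity check followed by a truncating open, next to a variant that checks the identity of the opened descriptors and truncates through the descriptor. The `attacker` closure, the temporary-directory layout and the file contents are all constructed for the example; the identity compared is the (device, inode) pair, the only identity the kernel keeps stable.

```rust
// Added example (not uutils code). Unix only: it uses symlinks and st_dev/st_ino.
use std::fs::{self, File, OpenOptions};
use std::io;
use std::os::unix::fs::{symlink, MetadataExt};
use std::path::Path;
use std::sync::atomic::{AtomicUsize, Ordering};

/// (device, inode): what identifies a file. Paths can be repointed at any time.
fn ident(m: &fs::Metadata) -> (u64, u64) {
    (m.dev(), m.ino())
}

/// Vulnerable shape: identity is compared through the path, then the path is
/// reopened with O_TRUNC. Whatever `out` resolves to at the second call gets
/// truncated, regardless of what the first call saw. `attacker` stands in for
/// the race window between check and use.
fn open_output_racy(input: &Path, out: &Path, attacker: impl FnOnce()) -> io::Result<File> {
    if let Ok(m) = fs::metadata(out) {
        if ident(&m) == ident(&fs::metadata(input)?) {
            return Err(io::Error::new(io::ErrorKind::InvalidInput, "output is the input"));
        }
    }
    attacker(); // `out` may now be a symlink pointing at `input`
    OpenOptions::new().write(true).create(true).truncate(true).open(out)
}

/// Hardened shape: open the output WITHOUT O_TRUNC, compare the identity of the
/// two open descriptors (fstat), and only then truncate through the descriptor.
/// Nothing that happens to the path after open() can change which inode that is.
fn open_output_checked(input: &File, out: &Path, attacker: impl FnOnce()) -> io::Result<File> {
    attacker(); // same swap, but it is caught because the check is on the fd
    let f = OpenOptions::new().write(true).create(true).open(out)?;
    if ident(&f.metadata()?) == ident(&input.metadata()?) {
        return Err(io::Error::new(io::ErrorKind::InvalidInput, "output is the input"));
    }
    f.set_len(0)?; // ftruncate(2) on the checked descriptor, not on the path
    Ok(f)
}

/// Runs one scenario in a fresh temporary directory.
/// Returns (output_was_opened, bytes_left_in_input).
fn scenario(hardened: bool) -> io::Result<(bool, u64)> {
    static N: AtomicUsize = AtomicUsize::new(0);
    let dir = std::env::temp_dir().join(format!(
        "split_toctou_{}_{}",
        std::process::id(),
        N.fetch_add(1, Ordering::SeqCst)
    ));
    fs::create_dir_all(&dir)?;
    let input = dir.join("input.txt");
    let out = dir.join("xaa"); // split's default first output name
    fs::write(&input, b"constructed sample input\n")?; // 25 bytes, constructed
    fs::write(&out, b"stale chunk")?; // a pre-existing regular output file

    // The attacker's move inside the race window: replace the output path
    // with a symlink to the input file.
    let attacker = || {
        let _ = fs::remove_file(&out);
        let _ = symlink(&input, &out);
    };

    let opened = if hardened {
        let inf = File::open(&input)?; // hold the input open before any check
        open_output_checked(&inf, &out, attacker).is_ok()
    } else {
        open_output_racy(&input, &out, attacker).is_ok()
    };
    let left = fs::metadata(&input)?.len();
    let _ = fs::remove_dir_all(&dir);
    Ok((opened, left))
}

fn main() -> io::Result<()> {
    println!("racy:     {:?} (opened, input bytes left)", scenario(false)?);
    println!("hardened: {:?} (opened, input bytes left)", scenario(true)?);
    Ok(())
}
```

In the racy variant the path check passes against the stale regular file, the swap lands, and the truncating open follows the symlink and empties the input. In the checked variant the output is opened first and its descriptor is compared with the input's, so the swap is detected and nothing is truncated. Note the limit of this check: it guarantees only that the input is never the truncation target. If the attacker points the output path at some other file the user can write, the descriptor check does not notice; refusing to follow symlinks on the output (O_NOFOLLOW via OpenOptionsExt::custom_flags) or refusing to reuse pre-existing output files are the usual additional measures, and neither is a substitute for not writing into a directory that untrusted local users can modify.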
Impact
An attacker who wins the race can make split truncate and overwrite a file of their choosing among those writable by the user running split, including the input being split. The overwritten data is not recoverable.
Remediation
Apply the fix from uutils coreutils GitHub pull request #11401, or upgrade to a release that includes it. Until then, do not run split with an output directory that untrusted local users can write to.
