CVE-2017-18018

CVE-2017-18018

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.

Source: CVE-2017-18018

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다