Medium severity4.6NVD Advisory· Published Feb 7, 2017· Updated Jun 17, 2026
CVE-2016-2781
CVE-2016-2781
Description
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- osv-coords6 versionspkg:apk/chainguard/coreutilspkg:apk/chainguard/coreutils-docpkg:apk/chainguard/coreutils-legacypkg:apk/wolfi/coreutilspkg:apk/wolfi/coreutils-docpkg:apk/wolfi/coreutils-legacy
< 9.6-r30+ 5 more
- (no CPE)range: < 9.6-r30
- (no CPE)range: < 9.6-r30
- (no CPE)range: < 9.6-r30
- (no CPE)range: < 9.6-r30
- (no CPE)range: < 9.6-r30
- (no CPE)range: < 9.6-r30
Patches
Vulnerability mechanics
References
3- www.openwall.com/lists/oss-security/2016/02/28/2nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2016/02/28/3nvdMailing ListThird Party Advisory
- lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3Envd
News mentions
0No linked articles in our index yet.