High severity7.1OSV Advisory· Published Jan 4, 2018· Updated Jun 17, 2026
CVE-2017-18018
CVE-2017-18018
Description
In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- lists.gnu.org/archive/html/coreutils/2017-12/msg00045.htmlnvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.