CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:N/I:P/A:N
EPSS
Percentile
5.1%
Race condition in the recursive (1) directory deletion and (2)
directory move in GNU File Utilities (fileutils) 4.1 and earlier allows
local users to delete directories as the user running fileutils by
moving a low-level directory to a higher level as it is being deleted,
which causes fileutils to chdir to a “…” directory that is higher than
expected, possibly up to the root file system.
Author | Note |
---|---|
sbeattie | fileutils was merged into coreutils |