Количество 56
Количество 56
CVE-2026-32282
On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.
CVE-2026-32282
On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.
CVE-2026-32282
On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.
CVE-2026-32282
TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix
CVE-2026-32282
On Linux, if the target of Root.Chmod is replaced with a symlink while ...
RLSA-2026:25999
Moderate: yggdrasil-worker-package-manager security update
GHSA-xj38-jxc5-rppx
On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation.
BDU:2026-07252
Уязвимость языка программирования Go, связанная с неверным определением ссылки перед доступом к файлу, позволяющая нарушителю повысить свои привилегии
ROS-20260430-73-0011
Уязвимость golang
RLSA-2026:19351
Important: grafana-pcp security update
RLSA-2026:19136
Important: grafana-pcp security update
RLSA-2026:17075
Important: yggdrasil security update
RLSA-2026:11712
Important: grafana security update
RLSA-2026:11711
Important: grafana security update
RLSA-2026:11704
Important: grafana-pcp security update
ELSA-2026-19351
ELSA-2026-19351: grafana-pcp security update (IMPORTANT)
ELSA-2026-17075
ELSA-2026-17075: yggdrasil security update (IMPORTANT)
ELSA-2026-11712
ELSA-2026-11712: grafana security update (IMPORTANT)
ELSA-2026-11711
ELSA-2026-11711: grafana security update (IMPORTANT)
ELSA-2026-11704
ELSA-2026-11704: grafana-pcp security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-32282 On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation. | CVSS3: 6.4 | 0% Низкий | 3 месяца назад |
 | CVE-2026-32282 On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation. | CVSS3: 7.8 | 0% Низкий | 3 месяца назад |
 | CVE-2026-32282 On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation. | CVSS3: 6.4 | 0% Низкий | 3 месяца назад |
 | CVE-2026-32282 TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix | 0% Низкий | 24 дня назад | |
| CVE-2026-32282 On Linux, if the target of Root.Chmod is replaced with a symlink while ... | CVSS3: 6.4 | 0% Низкий | 3 месяца назад |
 | RLSA-2026:25999 Moderate: yggdrasil-worker-package-manager security update | 0% Низкий | 8 дней назад | |
| GHSA-xj38-jxc5-rppx On Linux, if the target of Root.Chmod is replaced with a symlink while the chmod operation is in progress, Chmod can operate on the target of the symlink, even when the target lies outside the root. The Linux fchmodat syscall silently ignores the AT_SYMLINK_NOFOLLOW flag, which Root.Chmod uses to avoid symlink traversal. Root.Chmod checks its target before acting and returns an error if the target is a symlink lying outside the root, so the impact is limited to cases where the target is replaced with a symlink between the check and operation. | CVSS3: 6.4 | 0% Низкий | 3 месяца назад |
 | BDU:2026-07252 Уязвимость языка программирования Go, связанная с неверным определением ссылки перед доступом к файлу, позволяющая нарушителю повысить свои привилегии | CVSS3: 6.4 | 0% Низкий | 3 месяца назад |
 | ROS-20260430-73-0011 Уязвимость golang | CVSS3: 6.4 | 0% Низкий | около 2 месяцев назад |
| RLSA-2026:19351 Important: grafana-pcp security update | 30 дней назад | ||
| RLSA-2026:19136 Important: grafana-pcp security update | 29 дней назад | ||
| RLSA-2026:17075 Important: yggdrasil security update | около 1 месяца назад | ||
| RLSA-2026:11712 Important: grafana security update | около 2 месяцев назад | ||
| RLSA-2026:11711 Important: grafana security update | около 2 месяцев назад | ||
| RLSA-2026:11704 Important: grafana-pcp security update | около 2 месяцев назад | ||
| ELSA-2026-19351 ELSA-2026-19351: grafana-pcp security update (IMPORTANT) | 4 дня назад | ||
| ELSA-2026-17075 ELSA-2026-17075: yggdrasil security update (IMPORTANT) | около 2 месяцев назад | ||
| ELSA-2026-11712 ELSA-2026-11712: grafana security update (IMPORTANT) | около 2 месяцев назад | ||
| ELSA-2026-11711 ELSA-2026-11711: grafana security update (IMPORTANT) | около 2 месяцев назад | ||
| ELSA-2026-11704 ELSA-2026-11704: grafana-pcp security update (IMPORTANT) | около 2 месяцев назад |
Уязвимостей на страницу