TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen("w") on the history path and subsequent chmod() on the same path.
Metrics
Affected Vendors & Products
References
History
Mon, 01 Sep 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen("w") on the history path and subsequent chmod() on the same path. | |
Title | TOCTOU race in Linenoise enables arbitrary file overwrite and permission changes | |
Weaknesses | CWE-367 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: CyberArk
Published:
Updated: 2025-09-01T19:03:19.540Z
Reserved: 2025-09-01T18:48:53.813Z
Link: CVE-2025-9810

No data.

Status : Received
Published: 2025-09-01T19:15:32.573
Modified: 2025-09-01T19:15:32.573
Link: CVE-2025-9810

No data.

No data.