top of page
perceptive_background_267k.jpg

A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam() af…

Published:

21 April 2026 at 22:00:00

Alert date:

22 April 2026 at 22:11:22

Source:

nvd.nist.gov

Click to open the original link from this advisory

Operating Systems, Cloud & Virtualization

A vulnerability in uutils coreutils chroot utility allows privilege escalation when using --userspec option. The flaw occurs because getpwnam() is called after entering chroot but before dropping root privileges. On glibc systems, this triggers Name Service Switch to load shared libraries from the new root directory. Attackers with write access to NEWROOT can inject malicious NSS modules to execute arbitrary code as root. This enables full container escape or privilege escalation attacks.

Technical details

Mitigation steps:

Affected products:

uutils coreutils

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-35368
https://github.com/uutils/coreutils/issues/10327

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page