A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism. The implementation only validates if the t…

A vulnerability in the chmod utility of uutils coreutils allows bypassing the --preserve-root safety mechanism. The implementation fails to canonicalize paths, only checking for literal '/' matches. Attackers can use path variants like /../ or symbolic links to execute destructive recursive operations on the root filesystem. This can lead to system-wide permission loss through commands like chmod -R 000, potentially causing complete system breakdown. The vulnerability affects the core file permission management utility in Unix-like systems.