{"id":"CVE-2016-2781","details":"chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.","modified":"2026-03-14T09:19:10.204888Z","published":"2017-02-07T15:59:00.333Z","related":["CGA-vrjh-c954-x45f"],"references":[{"type":"WEB","url":"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2016/02/28/2"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2016/02/28/3"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2781.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N"}]}