{"id":"CVE-2017-18018","details":"In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX \"-R -L\" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.","modified":"2026-07-08T11:36:15.302477Z","published":"2018-01-04T04:29:00.190Z","references":[{"type":"REPORT","url":"http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/coreutils/coreutils","events":[{"introduced":"0"},{"last_affected":"27b2b19aa8d8b30b8cb4198b2f4b54568e10a35e"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"last_affected":"8.29"}],"cpe":"cpe:2.3:a:gnu:coreutils:*:*:*:*:*:*:*:*","source":"CPE_RANGE"}}],"versions":["v8.29","v8.28","v8.27","v8.26","v8.25","v8.24","v8.23","v8.22","v8.21","v8.20","v8.19","v8.18","v8.17","v8.16","v8.15","v8.14","v8.13","v8.12","v8.11","v8.10","v8.9","v8.8","v8.7","v8.6","v8.5","v8.4","v8.3","v8.2","v8.1","v8.0","v7.6","v7.5","v7.4","v7.3","v7.2","v7.1","v7.0","v6.12","v6.11","v6.10","v6.9.92","v6.9.91","v6.9.90","v6.9.89","v6.7","COREUTILS-6_7","v6.6","COREUTILS-6_6","v6.5","COREUTILS-6_5","v6.4","COREUTILS-6_4","v6.3","COREUTILS-6_3","v6.2","COREUTILS-6_2","v6.1","COREUTILS-6_1","v6.0","COREUTILS-6_0","v5.92","COREUTILS-5_92","v5.91","COREUTILS-5_91","v5.90","COREUTILS-5_90","CPPI-1_12","v5.3.0","COREUTILS-5_3_0","v5.2.1","COREUTILS-5_2_1","v5.2.0","COREUTILS-5_2_0","v5.1.3","COREUTILS-5_1_3","v5.1.2","COREUTILS-5_1_2","v5.1.1","COREUTILS-5_1_1","v5.1.0","COREUTILS-5_1_0","v5.0.91","COREUTILS-5_0_91","CPPI-1_11","v5.0.90","COREUTILS-5_0_90","v5.0.1","COREUTILS-5_0_1","v5.0","COREUTILS-5_0","v4.5.12","COREUTILS-4_5_12","v4.5.11","COREUTILS-4_5_11","v4.5.10","COREUTILS-4_5_10","v4.5.9","COREUTILS-4_5_9","v4.5.8","COREUTILS-4_5_8","DU-FTS","v4.5.7","COREUTILS-4_5_7","v4.5.6","COREUTILS-4_5_6","v4.5.5","COREUTILS-4_5_5","v4.5.4","COREUTILS-4_5_4","v4.5.3","COREUTILS-4_5_3","v4.5.2","COREUTILS-4_5_2","v4.5.1","COREUTILS-4_5_1","SH-UTILS-2_0_15","SH-UTILS-2_0_14","TEXTUTILS-2_1","SH-UTILS-2_0_13","FILEUTILS-4_1_11","TEXTUTILS-2_0_22","FILEUTILS-4_1_10","FILEUTILS-4_1_9","SH-UTILS-2_0_12","FILEUTILS-4_1_8","FILEUTILS-4_1_7","FILEUTILS-4_1_6","TEXTUTILS-2_0_21","TEXTUTILS-2_0_20","FILEUTILS-4_1_5","FILEUTILS-4_1_4","TEXTUTILS-2_0_19","FILEUTILS-4_1_3","TEXTUTILS-2_0_18","FILEUTILS-4_1_2","TEXTUTILS-2_0_17","FILEUTILS-4_1_1","TEXTUTILS-2_0_16","TEXTUTILS-2_0_15","CPPI-1_10","CPPI-1_9","FILEUTILS-4_1","FILEUTILS-4_0_45","TEXTUTILS-2_0_14","FILEUTILS-4_0_44","FILEUTILS-4_0_43","TEXTUTILS-2_0_13","FILEUTILS-4_0_42","TEXTUTILS-2_0_12","FILEUTILS-4_0_41","FILEUTILS-4_0_40","FILEUTILS-4_0_39","FILEUTILS-4_0_38","FILEUTILS-4_0_37","FILEUTILS-4_0_36","FILEUTILS-4_0_35","TEXTUTILS-2_0_11","FILEUTILS-4_0_34","TEXTUTILS-2_0_10","CPPI-1_8","TEXTUTILS-2_0_9","FILEUTILS-4_0_33","FILEUTILS-4_0_32","FILEUTILS-4_0_31","FILEUTILS-4_0_30","FILEUTILS-4_0_29","SH-UTILS-2_0_11","FILEUTILS-4_0_28","TEXTUTILS-2_0_8","FILEUTILS-4_0_27","FILEUTILS-4_0z","FILEUTILS-4_0y","TEXTUTILS-2_0g","FILEUTILS-4_0x","SH-UTILS-2_0j","TEXTUTILS-2_0f","FILEUTILS-4_0w","FILEUTILS-4_0v","FILEUTILS-4_0u","FILEUTILS-4_0t","FILEUTILS-4_0s","SH-UTILS-2_0i","SH-UTILS-2_0h","FILEUTILS-4_0r","SH-UTILS-2_0g","TEXTUTILS-2_0e","FILEUTILS-4_0q","SH-UTILS-2_0f","SH-UTILS-2_0e","FILEUTILS-4_0p","SH-UTILS-2_0d","TEXTUTILS-2_0c","TEXTUTILS-2_0b","SH-UTILS-2_0c","FILEUTILS-4_0n","SH-UTILS-2_0b","SH-UTILS-2_0a","FILEUTILS-4_0m","TEXTUTILS-2_0a","FILEUTILS-4_0l","FILEUTILS-4_0k","FILEUTILS-4_0j","FILEUTILS-4_0j-trial","SH-UTILS-2_0","SH-UTILS-1_16m","TEXTUTILS-2_0","TEXTUTILS-1_22q","TEXTUTILS-1_22p","SH-UTILS-1_16l","TEXTUTILS-1_22o","TEXTUTILS-1_22n","FILEUTILS-4_0i","SH-UTILS-1_16k","TEXTUTILS-1_22m","SH-UTILS-1_16j","TEXTUTILS-1_22l","FILEUTILS-4_0h","SH-UTILS-1_16i","TEXTUTILS-1_22k","SH-UTILS-1_16h","FILEUTILS-4_0g","SH-UTILS-1_16g","TEXTUTILS-1_22j","TEXTUTILS-1_22i","FILEUTILS-4_0f","FILEUTILS-4_0e","SH-UTILS-1_16f","FILEUTILS-4_0d","TEXTUTILS-1_22h","TEXTUTILS-1_22g","FILEUTILS-4_1-b3","FILEUTILS-4_1-b2","FILEUTILS-4_1-b1","FILEUTILS-4_0","FILEUTILS-4_0-b7","FILEUTILS-4_0-b6","FILEUTILS-4_0-b5","FILEUTILS-4_0-b4","FILEUTILS-4_0-b3","FILEUTILS-4_0-b2","FILEUTILS-4_0-pre1","FILEUTILS-3_16z","FILEUTILS-3_16x","FILEUTILS-3_16w","FILEUTILS-3_16v","FILEUTILS-3_16u","FILEUTILS-3_16t","FILEUTILS-3_16s","FILEUTILS-3_16r","FILEUTILS-3_16q","FILEUTILS-3_16p","FILEUTILS-3_16o","TEXTUTILS-1_22f","FILEUTILS-3_16n","FILEUTILS-3_16m","FILEUTILS-3_16l","TEXTUTILS-1_22d","FILEUTILS-3_16k","FILEUTILS-3_16j","FILEUTILS-3_16i","FILEUTILS-3_16h","FILEUTILS-3_16g","TEXTUTILS-1_22c","TEXTUTILS-1_22a","SH-UTILS-1_16d","SH-UTILS-1_16c","SH-UTILS-1_16b","SH-UTILS-1_16a","SH-UTILS-1_16","TEXTUTILS-1_22","FILEUTILS-3_16","SH-UTILS-1_15a","FILEUTILS-3_15a","TEXTUTILS-1_21a","SH-UTILS-1_15","TEXTUTILS-1_21","FILEUTILS-3_15","TEXTUTILS-1_20b","FILEUTILS-3_14b","SH-UTILS-1_14b","TEXTUTILS-1_20a","SH-UTILS-1_14a","FILEUTILS-3_14a","SH-UTILS-1_14","FILEUTILS-3_14","SH-UTILS-1_13","TEXTUTILS-1_20","FILEUTILS-3_13k","SH-UTILS-1_12t","TEXTUTILS-1_19r","SH-UTILS-1_12s","SH-UTILS-1_12r","TEXTUTILS-1_19q","FILEUTILS-3_13h","SH-UTILS-1_12p","TEXTUTILS-1_19o","SH-UTILS-1_12o","TEXTUTILS-1_19n","FILEUTILS-3_13g","TEXTUTILS-1_19m","TEXTUTILS-1_19k","TEXTUTILS-1_19j","FILEUTILS-3_13f","TEXTUTILS-1_19i","FILEUTILS-3_13e","TEXTUTILS-1_19h","TEXTUTILS-1_19g","TEXTUTILS-1_19f","TEXTUTILS-1_19d","FILEUTILS-3_13c","FILEUTILS-3_13b","TEXTUTILS-1_19c","TEXTUTILS-1_19b","FILEUTILS-3_13","TEXTUTILS-1_19","FILEUTILS-3_12s","TEXTUTILS-1_18e","FILEUTILS-3_12r","TEXTUTILS-1_18d","TEXTUTILS-1_18c","FILEUTILS-3_12q","FILEUTILS-3_12p","TEXTUTILS-1_18b","FILEUTILS-3_12o","TEXTUTILS-1_18a","TEXTUTILS-1_18","TEXTUTILS-1_17","TEXTUTILS-1_16","TEXTUTILS-1_15","TEXTUTILS-1_14e","TEXTUTILS-1_14d","FILEUTILS-3_12m","TEXTUTILS-1_14c","FILEUTILS-3_12l","TEXTUTILS-1_14b","SH-UTILS-1_12g","SH-UTILS-1_12f","SH-UTILS-1_12e","TEXTUTILS-1_14a","SH-UTILS-1_12d","FILEUTILS-3_12j","TEXTUTILS-1_14","TEXTUTILS-1_13k","TEXTUTILS-1_13j","TEXTUTILS-1_13i","FILEUTILS-3_12g","TEXTUTILS-1_13h","TEXTUTILS-1_13g","TEXTUTILS-1_13F","FILEUTILS-3_12f","TEXTUTILS-1_13","TEXTUTILS-1_12_2","FILEUTILS-3_12a","SH-UTILS-1_12a","textutils-1_12_1","TEXTUTILS-1_8b","FILEUTILS-3_8_3b","ISDIGIT-bug-fix"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-18018.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"}]}