2392437 – (CVE-2025-9810) CVE-2025-9810 linenoise: TOCTOU race in Linenoise enables arbitrary file overwrite and permission changes

Bug 2392437 (CVE-2025-9810) - CVE-2025-9810 linenoise: TOCTOU race in Linenoise enables arbitrary file overwrite and permission changes

Summary: CVE-2025-9810 linenoise: TOCTOU race in Linenoise enables arbitrary file over...

Keywords:
Status:	NEW
Alias:	CVE-2025-9810
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2392573 2392574 2392576 2392577 2392578 2392580 2392581 2392575 2392579 2392582 2392583 2392584 2392585 2392586 2392587 2392588 2392589 2392590 2392591 2392592 2392593
Blocks:
TreeView+	depends on / blocked

Reported:	2025-09-01 20:01 UTC by OSIDB Bzimport
Modified:	2025-09-02 14:24 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-09-01 20:01:13 UTC

TOCTOU  in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen("w") on the history path and subsequent chmod() on the same path.

Note You need to log in before you can comment on or make changes to this bug.