Source: rust-coreutils X-Debbugs-CC: [email protected] Severity: important Tags: security
Hi, The following vulnerability was published for rust-coreutils. CVE-2026-35368[0]: | A vulnerability exists in the chroot utility of uutils coreutils | when using the --userspec option. The utility resolves the user | specification via getpwnam() after entering the chroot but before | dropping root privileges. On glibc-based systems, this can trigger | the Name Service Switch (NSS) to load shared libraries (e.g., | libnss_*.so.2) from the new root directory. If the NEWROOT is | writable by an attacker, they can inject a malicious NSS module to | execute arbitrary code as root, facilitating a full container escape | or privilege escalation. https://github.com/uutils/coreutils/issues/10327 If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2026-35368 https://www.cve.org/CVERecord?id=CVE-2026-35368 Please adjust the affected versions in the BTS as needed.
