CVE-2026-35368 - uutils coreutils chroot Local Privilege Escalation and chroot Escape in via Name Service Switch (NSS) Injection
CVE ID :CVE-2026-35368 Published : April 22, 2026, 5:16 p.m. | 24 minutes ago Description :A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam() after entering the chroot but before dropping
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] This Vercel breach made me rethink all my connected apps
- [CYBER] France's national agency for managing IDs and passports suffered a data breach last week
- [CYBER] France confirms data breach at government agency that manages citizens' IDs
- [CYBER] Pack2TheRoot (CVE-2026-41651): Cross-Distro Local Privilege Escalation Vulnerability
- [CYBER] New Mirai campaign exploits RCE flaw in EoL D-Link routers
- [CYBER] 'We will reveal their identity photos, names, location, and other': Experts reveal extraordinary battle between rival ransomware gangs — and how victims can get their data back