CVE-2026-41991 - Predictable Temporary File in GNU gzip
CVE ID :CVE-2026-41991
Published : June 29, 2026, 10:15 a.m. | 2 hours, 27 minutes ago
Description :GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the user’s PATH, gzexe falls back to constructing a temporary file path based solely on the process ID (PID). This predictable filename is created without exclusive access or existence checks. A local attacker can pre‑create the predicted temporary file path as a symbolic link pointing to an arbitrary file writable by the victim. When gzexe runs, it follows the symlink and overwrites the target file, resulting in a time‑of‑check to time‑of‑use (TOCTOU) condition that allows arbitrary file overwrite. This issue has been fixed in the commit 4e6f8b24ab823146ab8776f0b7fe486ab34d4269
Severity: 2.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : June 29, 2026, 10:15 a.m. | 2 hours, 27 minutes ago
Description :GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the user’s PATH, gzexe falls back to constructing a temporary file path based solely on the process ID (PID). This predictable filename is created without exclusive access or existence checks. A local attacker can pre‑create the predicted temporary file path as a symbolic link pointing to an arbitrary file writable by the victim. When gzexe runs, it follows the symlink and overwrites the target file, resulting in a time‑of‑check to time‑of‑use (TOCTOU) condition that allows arbitrary file overwrite. This issue has been fixed in the commit 4e6f8b24ab823146ab8776f0b7fe486ab34d4269
Severity: 2.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...