Compliance Impact

This vulnerability causes the mv utility to fail to preserve file ownership when moving files across different filesystem boundaries, resulting in files unexpectedly becoming root-owned. This can lead to information disclosure or restricted access for the intended owners.

Such unintended changes in file ownership and potential information disclosure could negatively impact compliance with standards and regulations like GDPR and HIPAA, which require strict controls over data access and protection of sensitive information.

Useful 0 Not Useful 0

Executive Summary

The vulnerability exists in the mv utility of uutils coreutils, where it fails to preserve the original file ownership when moving files across different filesystem boundaries.

Instead of retaining the source file's UID and GID, the utility uses a copy-and-delete method that creates the destination file with the caller's UID and GID.

This means that files moved by a privileged user, such as root, may unexpectedly become owned by root rather than the original owner.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can break backups and migrations by altering file ownership unexpectedly.

Files moved by privileged users may become root-owned, which can lead to information disclosure if unauthorized users gain access or cause restricted access for the intended file owners.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability can be detected by verifying if files moved across different filesystem boundaries using the uutils/coreutils mv command have their ownership preserved correctly. Specifically, after moving a file as root from one filesystem to another, check if the ownership of the moved file remains the same as the original or if it has been changed to root (UID 0, GID 0).

A practical detection method involves creating a test file owned by a non-root user, mounting a separate filesystem (e.g., tmpfs), and moving the file across the filesystem boundary using mv as root. Then, inspect the ownership of the moved file.

Example commands to detect the issue:

• Create a test file as a non-root user: sudo -u username touch /source/testfile
• Mount a separate filesystem (e.g., tmpfs): sudo mount -t tmpfs tmpfs /mnt/tmpfs
• Move the file across filesystem boundaries as root: sudo mv /source/testfile /mnt/tmpfs/
• Check the ownership of the moved file: ls -l /mnt/tmpfs/testfile

If the ownership shows root (UID 0, GID 0) instead of the original user, the vulnerability is present.

Useful 0 Not Useful 0

Mitigation Strategies

Immediate mitigation steps include avoiding the use of the vulnerable uutils/coreutils mv command for moving files across filesystem boundaries, especially when running as root.

Instead, use alternative tools or commands that preserve file ownership metadata correctly, such as the GNU mv command, which explicitly restores ownership after copying.

Additionally, review and modify administrative scripts, backup processes, and migration workflows to ensure they do not rely on the vulnerable mv implementation for cross-device moves.

Monitor updates from the uutils/coreutils project for patches addressing this issue and apply them as soon as they become available.

Useful 0 Not Useful 0