CVE-2025-9810: 
Redis Analisi e mitigazione delle vulnerabilità

A Time-of-Check-Time-of-Use (TOCTOU) vulnerability was discovered in the linenoiseHistorySave function of linenoise library, identified as CVE-2025-9810. The vulnerability was discovered on September 1, 2025, and allows local attackers to overwrite arbitrary files and change permissions through a symlink race condition between fopen("w") and chmod() operations on the history path (NVD, AttackerKB).

The vulnerability exists in the linenoiseHistorySave function where a race condition occurs between two file operations: fopen() with write mode and subsequent chmod() on the same file path. The vulnerability has been assigned a CVSS v3.1 base score of 6.8 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L. The issue is classified as CWE-367 (Time-of-check Time-of-use Race Condition) (NVD).

The vulnerability can lead to several security implications including arbitrary file overwrite with process privileges, unintended permission changes on unrelated files, and history file confidentiality bypass. The impact is particularly concerning for applications that integrate linenoise as a dependency, such as redis-cli (GitHub PR).

A fix has been proposed that replaces the chmod() call with fchmod() using the opened file descriptor, which eliminates the TOCTOU condition. The fix was identified using CodeQL's race condition detection rule (GitHub PR).