DEV Community

CVE Reports
CVE Reports

Posted on • Originally published at cvereports.com

CVE-2026-35341: CVE-2026-35341: Local Privilege Escalation and Permission Degradation in uutils coreutils mkfifo

CVE-2026-35341: Local Privilege Escalation and Permission Degradation in uutils coreutils mkfifo

Vulnerability ID: CVE-2026-35341
CVSS Score: 7.1
Published: 2026-07-06

CVE-2026-35341 is a high-severity vulnerability in the mkfifo utility of uutils coreutils, involving a logic-flow bypass and a TOCTOU race condition that permits unauthorized file permission degradation and privilege escalation.

TL;DR

A logical flow-control bypass and a TOCTOU race condition in the uutils coreutils mkfifo utility allow unprivileged local attackers to degrade system file permissions and escalate privileges.


⚠️ Exploit Status: POC

Technical Details

  • CWE ID: CWE-732
  • Attack Vector: Local (AV:L)
  • CVSS v3.1 Score: 7.1
  • EPSS Score: 0.00165
  • Exploit Status: Proof of Concept (PoC) Available
  • CISA KEV Status: Not Listed

Affected Systems

  • uutils coreutils
  • Wolfi developer images
  • Chainguard developer images
  • Debian Linux (experimental uutils-coreutils package)
  • Ubuntu Linux (experimental uutils-coreutils package)
  • coreutils: < commit pull/10376 (Fixed in: PR #10376 merged version)

Mitigation Strategies

  • Upgrade uutils coreutils to a release incorporating Pull Request #10376.
  • Enable system-wide symlink protections via sysctl configuration.
  • Avoid executing mkfifo with elevated privileges in globally writable directories.

Remediation Steps:

  1. Identify all system deployments using uutils coreutils instead of GNU coreutils.
  2. Recompile or update uutils coreutils packages to versions beyond the commit in PR #10376.
  3. Add 'fs.protected_symlinks = 1' to /etc/sysctl.conf and run 'sysctl -p' to apply protections.
  4. Audit existing critical file permissions to identify unauthorized modifications.

References


Read the full report for CVE-2026-35341 on our website for more details including interactive diagrams and full exploit analysis.

Top comments (0)