Security Label Handling Flaw in uutils Coreutils Affects Device Nodes
CVE-2026-35361

3.4LOW

Key Information:

Vendor: Uutils
Status: Coreutils
Vendor: CVE Published:; 22 April 2026

What is CVE-2026-35361?

The mknod utility in uutils coreutils poses a significant risk due to improper handling of security labels during the creation of device nodes. The utility fails to set the appropriate SELinux context atomically, leading to a situation where mislabeled nodes may be left behind if the labeling process encounters an error. The subsequent cleanup attempts using std::fs::remove_dir are ineffective, as this method is incapable of removing device nodes or FIFO special files. This flaw could result in unauthorized access to device nodes, bypassing established mandatory access controls and potentially exposing systems to further security threats.

Affected Version(s)

coreutils Linux 0 < 0.6.0

References

https://github.com/uutils/coreutils/pull/10582

issue-trackingpatch

https://github.com/uutils/coreutils/releases/tag/0.6.0

vendor-advisory

CVSS V3.1

Score:

3.4

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2026
Vulnerability Reserved
Apr 2, 2026

Credit

Zellic

CVE-2026-35361 Data

JSON