Home

Description

The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If labeling fails, the utility attempts cleanup using std::fs::remove_dir, which cannot remove device nodes or FIFOs. This leaves mislabeled nodes behind with incorrect default contexts, potentially allowing unauthorized access to device nodes that should have been restricted by mandatory access controls.

PUBLISHED Reserved 2026-04-02 | Published 2026-04-22 | Updated 2026-04-22 | Assigner canonical




LOW: 3.4CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Problem types

CWE-281: Improper Preservation of Permissions

CWE-459: Incomplete Cleanup

Product status

Default status
unaffected

Any version before 0.6.0
affected

Credits

Zellic finder

References

github.com/uutils/coreutils/pull/10582 exploit

github.com/uutils/coreutils/pull/10582 issue-tracking patch

github.com/uutils/coreutils/releases/tag/0.6.0 vendor-advisory

cve.org (CVE-2026-35361)

nvd.nist.gov (CVE-2026-35361)

Download JSON