uutils coreutils EUVD-2026-24981

| CVE-2026-35349 MEDIUM
Improper Link Resolution Before File Access (CWE-59)
2026-04-22 canonical GHSA-v762-x3cf-5mfg
Authentication Bypass Coreutils
6.7
CVSS 3.1
Share

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High

Lifecycle Timeline

1
Analysis Generated
Apr 23, 2026 - 07:03 vuln.today

DescriptionNVD

A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The implementation uses a path-string check rather than comparing device and inode numbers to identify the root directory. An attacker or accidental user can bypass this safeguard by using a symbolic link that resolves to the root directory (e.g., /tmp/rootlink -> /), potentially leading to the unintended recursive deletion of the entire root filesystem.

AnalysisAI

Bypass of --preserve-root protection in uutils coreutils rm utility allows local users to recursively delete the root filesystem by supplying a symbolic link that resolves to the root directory, rather than relying on authentic root inode comparison. The vulnerability affects coreutils versions before 0.7.0 and requires local access with no special privileges, though successful exploitation is hindered by high complexity (AC:H). …

Sign in for full analysis, threat intelligence, and remediation guidance.

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Sign in - Free

Share

EUVD-2026-24981 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy