Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Lifecycle Timeline
5DescriptionCVE.org
A logic error in the ln utility of uutils coreutils causes the program to reject source paths containing non-UTF-8 filename bytes when using target-directory forms (e.g., ln SOURCE... DIRECTORY). While GNU ln treats filenames as raw bytes and creates the links correctly, the uutils implementation enforces UTF-8 encoding, resulting in a failure to stat the file and a non-zero exit code. In environments where automated scripts or system tasks process valid but non-UTF-8 filenames common on Unix filesystems, this divergence causes the utility to fail, leading to a local denial of service for those specific operations.
AnalysisAI
The ln utility in uutils coreutils fails to process source paths containing non-UTF-8 filename bytes when using target-directory forms, rejecting valid filenames that GNU ln handles correctly. This logic error affects automated scripts and system tasks on Unix filesystems where non-UTF-8 filenames are common, causing denial of service for those specific operations. SSVC classifies exploitation as possible (POC available) but not automatable, with partial technical impact.
Technical ContextAI
The vulnerability stems from CWE-176 (Improper Handling of Unicode Encoding) in uutils coreutils, a pure-Rust reimplementation of GNU coreutils. The ln utility in forms like 'ln SOURCE... DIRECTORY' enforces UTF-8 encoding validation on source filenames, whereas GNU ln and POSIX standards treat filenames as opaque byte sequences. Unix filesystems (ext4, btrfs, NFS, etc.) store filenames as arbitrary byte strings without encoding constraints; valid files with non-UTF-8 byte sequences (e.g., Latin-1, mixed encodings, or legacy filenames from system migrations) are rejected by uutils ln during the stat() call, while GNU ln succeeds. The divergence occurs because Rust's standard library and string handling default to UTF-8, and uutils did not implement locale-aware or byte-preserving filename handling equivalent to C implementations.
RemediationAI
Upgrade uutils coreutils to the patched version released via PR #11403 (vendor confirms patch availability; consult release notes or GitHub tags for the specific patched version number). For systems unable to upgrade immediately, implement a compensating control by substituting the affected ln utility with GNU coreutils ln (install gnu-coreutils or equivalent package if available), which handles non-UTF-8 filenames correctly by design. Alternatively, audit automated scripts that invoke ln to verify they do not process filenames with non-UTF-8 bytes; if necessary, preprocess filenames to enforce UTF-8 encoding or use byte-safe alternatives (e.g., hard linking via inode numbers, or shell wrappers that escape non-UTF-8 sequences). Trade-off: GNU coreutils substitution adds a dependency but maintains POSIX compatibility; filtering non-UTF-8 filenames may silently drop valid files and mask the underlying issue. Vendors distributing uutils coreutils (including Canonical, per Reported by field) should prioritize updating packaged versions.
The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly ex
Privilege escalation to root in uutils coreutils chroot utility allows low-privileged local attackers with write access
Recursive chmod operations can bypass --preserve-root protection in uutils coreutils versions prior to 0.6.0, allowing l
Local privilege escalation in uutils coreutils mkfifo allows authenticated users to downgrade permissions on arbitrary f
Privilege escalation in uutils coreutils mkfifo utility allows local attackers with low privileges to manipulate file pe
Bypass of --preserve-root protection in uutils coreutils rm utility allows local users to recursively delete the root fi
The mv utility in uutils coreutils improperly expands symbolic links instead of preserving them during moves across file
The cp utility in uutils coreutils improperly preserves setuid and setgid bits when the chown operation fails during fil
The split utility in uutils coreutils contains a time-of-check to time-of-use (TOCTOU) race condition that allows local
A time-of-check to time-of-use (TOCTOU) race condition in the mv utility of uutils coreutils during cross-device move op
The touch utility in uutils coreutils suffers from a Time-of-Check to Time-of-Use (TOCTOU) race condition that allows lo
Privilege escalation via symlink attack in uutils coreutils install utility when using the -D flag allows local attacker
Same weakness CWE-176 – Improper Handling of Unicode Encoding
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-25022
GHSA-jcjr-rh8q-7xqf