CVE-2026-35340 in coreutilsالمعلومات

الملخص

بحسب MITRE • 22/04/2026

A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownership or group changes failed due to permission errors. This can lead to security misconfigurations where administrative scripts incorrectly assume that ownership has been successfully transferred across a directory tree.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

Canonical

حجز

02/04/2026

إفشاء

22/04/2026

الاعتدال

تمت الموافقة

إدخال

VDB-359004

CPE

جاهز

CWE

CWE-253 (مؤكد)

CVSS

5.5 (CNA)

EPSS

0.00015

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-35340
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-35340
CVE Details	https://www.cvedetails.com/cve/CVE-2026-35340/

التالي ▸نظرة عامة ◂ السابق

Interested in the pricing of exploits?

See the underground prices here!