CVE-2026-35361 PUBLISHED

uutils coreutils mknod Security Label Inconsistency and Broken Cleanup on SELinux Systems

Assigner: canonical
Reserved: 02.04.2026 Published: 22.04.2026 Updated: 22.04.2026

The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If labeling fails, the utility attempts cleanup using std::fs::remove_dir, which cannot remove device nodes or FIFOs. This leaves mislabeled nodes behind with incorrect default contexts, potentially allowing unauthorized access to device nodes that should have been restricted by mandatory access controls.

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N
CVSS Score: 3.4

Attack Vector	Local	Scope	Unchanged
Attack Complexity	Low	Confidentiality Impact	Low
Privileges Required	High	Integrity Impact	Low
User Interaction	None	Availability Impact	None

CVSS 3.1

Product Status

Vendor	Uutils
Product	coreutils
Versions	Default: unaffected affected from 0 to 0.6.0 (excl.)

Credits

Zellic finder

References

Problem Types

CWE-281: Improper Preservation of Permissions CWE
CWE-459: Incomplete Cleanup CWE

Impacts

CAPEC-180: Exploiting Incorrectly Configured Access Control Security Levels