CVE-2026-35339 - Vulnerability Details

- uutils coreutils chmod False Success Exit Code in Recursive Mode

Description

The recursive mode (-R) of the chmod utility in uutils coreutils incorrectly handles exit codes when processing multiple files. The final return value is determined solely by the success or failure of the last file processed. This allows the command to return an exit code of 0 (success) even if errors were encountered on previous files, such as 'Operation not permitted'. Scripts relying on these exit codes may proceed under a false sense of success while sensitive files remain with restrictive or incorrect permissions.

Published: 2026-04-22

Score: 5.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Impact

The recursive mode of chmod in uutils coreutils incorrectly sets the command’s exit status based solely on the last file processed. If any preceding file triggers an error such as "Operation not permitted", the utility still returns 0, signaling success. Scripts that rely on that status flag may continue with flawed permissions on sensitive files, allowing misconfigured security settings. This flaw is an example of CWE‑253, Wrong Value Used for Comparison.

Affected Systems

The vulnerability affects uutils coreutils, specifically versions before the 0.6.0 release that contains the fix. Any environment that uses uutils coreutils to set file permissions recursively is potentially impacted.

Risk and Exploitability

The CVSS score of 5.5 indicates moderate severity. No EPSS score is reported, and the vulnerability is not yet listed in CISA’s KEV catalog. Exploitation requires local access to the target system to invoke chmod in recursive mode. An attacker could run chmod -R on a directory, cause scripts to proceed under a false sense of success, and thereby leave sensitive files with incorrect or overly restrictive permissions. The primary risk is permission misconfiguration that could enable privilege escalation or accidental data exposure.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Uutils

coreutils

unaffected

Version	Status	Constraints
`0`	affected	< 0.6.0

No data.

Vendor Product Confidence Versions

Uutils

Coreutils

100%

Version	Status	Scheme	Platform
`[0,0.6.0)`	affected	generic	['linux', 'unix', 'macos']

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

Upgrade uutils coreutils to version 0.6.0 or later where the exit‑code handling is corrected.
Modify scripts that use recursive chmod to perform additional checks, such as inspecting logged errors or verifying file permissions after execution.
Implement a periodic audit of file permissions, especially for directories that are frequently modified through chmod -R, to detect any unintended restrictions.
Consider restricting the use of recursive chmod to trusted users or applying stricter permission controls on critical files to reduce the impact of any accidental misconfiguration.

Generated by OpenCVE AI on April 22, 2026 at 18:18 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.0001.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://github.com/uutils/coreutils/pull/9793
https://github.com/uutils/coreutils/releases/tag/0.6.0

History

Mon, 27 Apr 2026 20:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Uutils Uutils coreutils
Vendors & Products		Uutils Uutils coreutils

Wed, 22 Apr 2026 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 22 Apr 2026 16:30:00 +0000

Type	Values Removed	Values Added
Description		The recursive mode (-R) of the chmod utility in uutils coreutils incorrectly handles exit codes when processing multiple files. The final return value is determined solely by the success or failure of the last file processed. This allows the command to return an exit code of 0 (success) even if errors were encountered on previous files, such as 'Operation not permitted'. Scripts relying on these exit codes may proceed under a false sense of success while sensitive files remain with restrictive or incorrect permissions.
Title		uutils coreutils chmod False Success Exit Code in Recursive Mode
Weaknesses		CWE-253
References		https://github.com/uutils/coreutils/pull/9793 https://github.com/uutils/coreutils/releases/tag/0.6.0
Metrics		cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N'}`

Subscriptions

Uutils Coreutils

MITRE

Status: PUBLISHED

Assigner: canonical

Published: 2026-04-22T16:07:33.703Z

Updated: 2026-04-22T18:13:40.854Z

Reserved: 2026-04-02T12:58:56.086Z

Link: CVE-2026-35339

Vulnrichment

Updated: 2026-04-22T18:13:33.839Z

NVD

Status : Awaiting Analysis

Published: 2026-04-22T17:16:35.767

Modified: 2026-04-22T21:23:52.620

Link: CVE-2026-35339

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-27T19:54:49Z

Weaknesses

CWE-253

Impact

Affected Systems

Risk and Exploitability

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object