Executive Summary

The vulnerability exists in the cut utility of uutils coreutils where the -s (only-delimited) option is incorrectly handled when a newline character is used as the delimiter.

Specifically, the implementation does not verify the only_delimited flag in the cut_fields_newline_char_delim function, which causes the utility to print lines that are not delimited, even though they should have been suppressed.

This flaw can result in unexpected data being output and passed to downstream scripts that expect strict filtering based on delimiters.

Useful 0 Not Useful 0

Impact Analysis

This vulnerability can impact you by causing the cut utility to output lines that should have been suppressed, leading to unexpected or incorrect data being passed to downstream scripts or processes.

If your workflows or scripts rely on the strict filtering of data using the -s option with newline delimiters, this flaw could cause them to process unintended data, potentially leading to errors or incorrect results.

Useful 0 Not Useful 0

Compliance Impact

The vulnerability in the cut utility causes it to incorrectly handle the -s option with newline delimiters, resulting in non-delimited lines being printed when they should be suppressed.

This behavior can lead to unexpected data being passed to downstream scripts that rely on strict output filtering.

Such unintended data leakage or improper filtering could potentially impact compliance with data protection standards and regulations like GDPR or HIPAA, which require strict control over data handling and processing.

However, the provided information does not explicitly discuss compliance impacts or regulatory considerations.

Useful 0 Not Useful 0

Detection Guidance

This vulnerability involves the incorrect handling of the -s (only-delimited) option in the uutils coreutils cut utility when the delimiter is a newline character. Detection would involve verifying if the cut utility version in use exhibits this incorrect behavior by testing the output of cut commands that use the -s flag with newline delimiters.

A practical approach to detect the vulnerability is to run a cut command with the -s option and a newline delimiter on input containing lines both with and without the delimiter, then check if non-delimited lines are incorrectly printed.

Example command to test the behavior:

• echo -e "line1\nline2\nline3" | cut -s -d $'\n' -f 2

If the utility prints lines that do not contain the delimiter (non-delimited lines), it indicates the vulnerability is present.

Useful 0 Not Useful 0

Mitigation Strategies

To mitigate this vulnerability, update the uutils coreutils package to a version that includes the fix for CVE-2026-35343, such as the Rust Coreutils version 0.7.0 or later.

This update corrects the handling of the -s flag with newline delimiters and includes multiple performance and safety improvements.

If immediate updating is not possible, avoid using the cut utility with the -s option and newline delimiters in scripts or workflows to prevent unexpected data leakage.

Useful 0 Not Useful 0