CVE-2026-35348
Process Panic in uutils coreutils sort via --files0-from Option
Publication date: 2026-04-22
Last updated on: 2026-04-24
Assigner: Canonical Ltd.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| uutils | coreutils | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-248 | An exception is thrown from a function, but it is not caught. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in the sort utility of uutils coreutils when using the --files0-from option with inputs that contain non-UTF-8 filenames. The utility enforces UTF-8 encoding and uses expect(), which causes it to immediately crash if it encounters valid filenames that are not UTF-8 encoded. This behavior differs from GNU sort, which treats filenames as raw bytes and does not crash.
How can this vulnerability impact me?
A local attacker can exploit this vulnerability to cause the sort utility to crash, leading to a process panic. This can disrupt automated pipelines or workflows that rely on the sort utility, potentially causing denial of service or interruption of normal operations.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the behavior of the uutils/coreutils sort utility when using the --files0-from option with files containing non-UTF-8 encoded filenames.
A practical detection method is to create a file whose name contains a non-UTF-8 byte sequence (for example, the byte 0xFF), list that name in a NUL-separated file list (the format `--files0-from` expects), and then run the command:
- `sort --files0-from=<file_with_non_utf8_filenames>`
If the utility panics with a UTF-8 parsing error (such as a Utf8Error) and crashes, this indicates the presence of the vulnerability.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability immediately, avoid using the `--files0-from` option with the uutils/coreutils sort utility on inputs that may contain non-UTF-8 encoded filenames.
Alternatively, use the GNU coreutils version of sort, which handles non-UTF-8 filenames as raw byte sequences and does not crash on such inputs.
These steps help prevent the utility from crashing due to UTF-8 parsing errors and maintain the stability of automated pipelines.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.