← Zuruck zu CVEs
CVE-2026-35344
LOW3.3
Beschreibung
The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok() on truncation attempts. While intended to mimic GNU behavior for special files like /dev/null, the uutils implementation also hides failures on regular files and directories caused by full disks or read-only file systems. This can lead to silent data corruption in backup or migration scripts, as the utility may report a successful operation even when the destination file contains old or garbage data.
CVE Details
CVSS v3.1 Bewertung3.3
SchweregradLOW
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht4/22/2026
Zuletzt geandert4/22/2026
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-252
Referenzen
https://github.com/uutils/coreutils/issues/9745(security@ubuntu.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.