{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-35344", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "state": "PUBLISHED", "assignerShortName": "canonical", "dateReserved": "2026-04-02T12:58:56.087Z", "datePublished": "2026-04-22T16:07:46.686Z", "dateUpdated": "2026-04-22T18:04:46.854Z"}, "containers": {"cna": {"title": "uutils coreutils dd Silent Data Corruption via Unconditional Truncation Error Suppression", "affected": [{"vendor": "Uutils", "product": "coreutils", "platforms": ["Linux", "Unix", "macOS"], "collectionURL": "https://github.com/uutils", "packageName": "coreutils", "repo": "https://github.com/uutils/coreutils", "defaultStatus": "affected"}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-252", "description": "CWE-252: Unchecked Return Value", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-184", "descriptions": [{"lang": "en", "value": "CAPEC-184: Software Integrity Attack"}]}], "descriptions": [{"lang": "en", "value": "The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok() on truncation attempts. While intended to mimic GNU behavior for special files like /dev/null, the uutils implementation also hides failures on regular files and directories caused by full disks or read-only file systems. This can lead to silent data corruption in backup or migration scripts, as the utility may report a successful operation even when the destination file contains old or garbage data."}], "references": [{"url": "https://github.com/uutils/coreutils/issues/9745", "tags": ["issue-tracking"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseSeverity": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "credits": [{"lang": "en", "value": "Zellic", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2026-04-22T16:07:46.686Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-22T18:04:37.730982Z", "id": "CVE-2026-35344", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-22T18:04:46.854Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-35344", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "state": "PUBLISHED", "assignerShortName": "canonical", "dateReserved": "2026-04-02T12:58:56.087Z", "datePublished": "2026-04-22T16:07:46.686Z", "dateUpdated": "2026-04-22T18:04:46.854Z"}, "containers": {"cna": {"title": "uutils coreutils dd Silent Data Corruption via Unconditional Truncation Error Suppression", "affected": [{"vendor": "Uutils", "product": "coreutils", "platforms": ["Linux", "Unix", "macOS"], "collectionURL": "https://github.com/uutils", "packageName": "coreutils", "repo": "https://github.com/uutils/coreutils", "defaultStatus": "affected"}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-252", "description": "CWE-252: Unchecked Return Value", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-184", "descriptions": [{"lang": "en", "value": "CAPEC-184: Software Integrity Attack"}]}], "descriptions": [{"lang": "en", "value": "The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok() on truncation attempts. While intended to mimic GNU behavior for special files like /dev/null, the uutils implementation also hides failures on regular files and directories caused by full disks or read-only file systems. This can lead to silent data corruption in backup or migration scripts, as the utility may report a successful operation even when the destination file contains old or garbage data."}], "references": [{"url": "https://github.com/uutils/coreutils/issues/9745", "tags": ["issue-tracking"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseSeverity": "LOW", "baseScore": 3.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}], "credits": [{"lang": "en", "value": "Zellic", "type": "finder"}], "source": {"discovery": "EXTERNAL"}, "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2026-04-22T16:07:46.686Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-35344", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-22T18:04:37.730982Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-22T18:04:41.439Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok() on truncation attempts. While intended to mimic GNU behavior for special files like /dev/null, the uutils implementation also hides failures on regular files and directories caused by full disks or read-only file systems. This can lead to silent data corruption in backup or migration scripts, as the utility may report a successful operation even when the destination file contains old or garbage data."}], "id": "CVE-2026-35344", "lastModified": "2026-04-22T17:16:36.490", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "security@ubuntu.com", "type": "Secondary"}]}, "published": "2026-04-22T17:16:36.490", "references": [{"source": "security@ubuntu.com", "url": "https://github.com/uutils/coreutils/issues/9745"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-252"}], "source": "security@ubuntu.com", "type": "Secondary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T18:16:22.492624+00:00", "value": {"mitigation_remediation": ["Use an alternative dd implementation such as GNU coreutils for backup and migration tasks.", "Verify the integrity of destination files after operations, for example by checking hashes or sizes.", "Update to a newer version of uutils coreutils once an official patch is released, or apply a local script patch that checks for truncation errors."], "summary": {"action": "Assess", "impact": "Data Corruption"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the uutils coreutils package, specifically its dd component. Version information is not disclosed, so all releases of uutils coreutils that include the current dd implementation are potentially impacted.", "description_and_impact": "The dd utility in uutils coreutils suppresses errors during file truncation by unconditionally treating the operation as successful. This behavior unintentionally hides failures on regular files and directories caused by full disks or read\u2011only file systems. The result is that scripts performing backups or migrations may report success while the destination file remains unchanged or contains garbage, leading to silent data corruption that can compromise backup integrity and system state.", "risk_and_exploitability": "The CVSS score of 3.3 indicates low overall severity, and the EPSS score is not available. This issue is not listed in the CISA KEV catalog. The vulnerability is discovered in a local utility, so the attack vector is likely local or requires privileged execution, such as a compromised user running backup scripts."}}}}, "created": "2026-04-22T18:30:23.750993+00:00", "updated": "2026-04-22T18:30:23.751011+00:00", "vendors": [], "weaknesses": ["CWE-252"]}