CVE-2026-35371: CWE-451: User Interface (UI) Misrepresentation of Critical Information in Uutils coreutils
The id utility in uutils coreutils exhibits incorrect behavior in its "pretty print" output when the real UID and effective UID differ. The implementation incorrectly uses the effective GID instead of the effective UID when performing a name lookup for the effective user. This results in misleading diagnostic output that can cause automated scripts or system administrators to make incorrect decisions regarding file permissions or access control.
AI Analysis
Technical Summary
The id utility in uutils coreutils incorrectly handles the "pretty print" output when the real UID and effective UID differ. The implementation mistakenly uses the effective GID instead of the effective UID during the name lookup for the effective user, resulting in misleading diagnostic information. This misrepresentation can cause automated scripts or administrators to make erroneous decisions about file permissions or access control. The vulnerability is classified under CWE-451 (User Interface Misrepresentation) and has a CVSS v3.1 base score of 3.3 (low). There is no known exploit in the wild and no patch or official remediation level has been published.
Potential Impact
The impact is limited to incorrect informational output from the id utility, which may mislead users or automated processes about user identity details. This could result in improper handling of file permissions or access control decisions. There is no direct impact on confidentiality, availability, or system integrity.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, users and administrators should be aware of the potential for misleading output from the id utility when real and effective UIDs differ and verify user identity information through alternative means if critical decisions depend on it.
CVE-2026-35371: CWE-451: User Interface (UI) Misrepresentation of Critical Information in Uutils coreutils
Description
The id utility in uutils coreutils exhibits incorrect behavior in its "pretty print" output when the real UID and effective UID differ. The implementation incorrectly uses the effective GID instead of the effective UID when performing a name lookup for the effective user. This results in misleading diagnostic output that can cause automated scripts or system administrators to make incorrect decisions regarding file permissions or access control.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The id utility in uutils coreutils incorrectly handles the "pretty print" output when the real UID and effective UID differ. The implementation mistakenly uses the effective GID instead of the effective UID during the name lookup for the effective user, resulting in misleading diagnostic information. This misrepresentation can cause automated scripts or administrators to make erroneous decisions about file permissions or access control. The vulnerability is classified under CWE-451 (User Interface Misrepresentation) and has a CVSS v3.1 base score of 3.3 (low). There is no known exploit in the wild and no patch or official remediation level has been published.
Potential Impact
The impact is limited to incorrect informational output from the id utility, which may mislead users or automated processes about user identity details. This could result in improper handling of file permissions or access control decisions. There is no direct impact on confidentiality, availability, or system integrity.
Mitigation Recommendations
Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until a fix is available, users and administrators should be aware of the potential for misleading output from the id utility when real and effective UIDs differ and verify user identity information through alternative means if critical decisions depend on it.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- canonical
- Date Reserved
- 2026-04-02T12:58:56.088Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69e8f7d519fe3cd2cdd00d87
Added to database: 4/22/2026, 4:31:17 PM
Last enriched: 4/22/2026, 4:47:59 PM
Last updated: 4/23/2026, 1:05:42 AM
Views: 5
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.