Duplicate Advisory: uutils coreutils has an Improper Handling of Unicode Encoding Issue
Low severity
GitHub Reviewed
Published
Apr 22, 2026
to the GitHub Advisory Database
•
Updated Jul 6, 2026
Withdrawn
This advisory was withdrawn on Jul 6, 2026
Description
Published by the National Vulnerability Database
Apr 22, 2026
Published to the GitHub Advisory Database
Apr 22, 2026
Reviewed
Apr 30, 2026
Last updated
Jul 6, 2026
Withdrawn
Jul 6, 2026
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-jcjr-rh8q-7xqf. This link is maintained to preserve external references.
Original Description
A logic error in the ln utility of uutils coreutils causes the program to reject source paths containing non-UTF-8 filename bytes when using target-directory forms (e.g., ln SOURCE... DIRECTORY). While GNU ln treats filenames as raw bytes and creates the links correctly, the uutils implementation enforces UTF-8 encoding, resulting in a failure to stat the file and a non-zero exit code. In environments where automated scripts or system tasks process valid but non-UTF-8 filenames common on Unix filesystems, this divergence causes the utility to fail, leading to a local denial of service for those specific operations.
References