diff --git a/utils/coreutils/BUILD b/utils/coreutils/BUILD
index 3ccca8979..04f81e1d3 100644
--- a/utils/coreutils/BUILD
+++ b/utils/coreutils/BUILD
@@ -11,7 +11,7 @@ else
   OPTS+=" --disable-nls"
 fi &&
 
-# This option resolves conflicts with shadow/heimdal, net-tools and procps
+# This option resolves conflicts with util-linux/heimdal, net-tools and procps
 OPTS+=" --enable-no-install-program=hostname,su,kill,uptime" &&
 OPTS+=" --enable-install-program=arch" &&
 
diff --git a/utils/coreutils/DETAILS b/utils/coreutils/DETAILS
index bc7d66dce..942c99ec6 100644
--- a/utils/coreutils/DETAILS
+++ b/utils/coreutils/DETAILS
@@ -1,12 +1,12 @@
           MODULE=coreutils
-         VERSION=9.7
+         VERSION=9.8
           SOURCE=$MODULE-$VERSION.tar.xz
    SOURCE_URL[0]=$GNU_URL/$MODULE
    SOURCE_URL[1]=https://ftp.gnu.org/gnu/$MODULE
-      SOURCE_VFY=sha256:e8bb26ad0293f9b5a1fc43fb42ba970e312c66ce92c1b0b16713d7500db251bf
+      SOURCE_VFY=sha256:e6d4fd2d852c9141a1c2a18a13d146a0cd7e45195f72293a4e4c044ec6ccca15
         WEB_SITE=http://www.gnu.org/software/coreutils
          ENTERED=20030217
-         UPDATED=20250902
+         UPDATED=20250924
            SHORT="Contains latest sh-utils, textutils and fileutils"
 PSAFE=no
 
diff --git a/utils/coreutils/patch.d/coreutils-9.8-basenc-base58.patch b/utils/coreutils/patch.d/coreutils-9.8-basenc-base58.patch
new file mode 100644
index 000000000..d8ccb11a8
--- /dev/null
+++ b/utils/coreutils/patch.d/coreutils-9.8-basenc-base58.patch
@@ -0,0 +1,137 @@
+https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=2ef53e5b0477f9d9361a11a471d704a96b1c99b8
+(Dropped the test to avoid autoreconf.)
+
+From 2ef53e5b0477f9d9361a11a471d704a96b1c99b8 Mon Sep 17 00:00:00 2001
+From: Pádraig Brady <P@draigBrady.com>
+Date: Tue, 23 Sep 2025 15:38:51 +0100
+Subject: basenc: --base58: fix buffer overflow with input > 15MB
+
+base58_length() operated naively on an int
+which resulted in an overflow to a negative number
+for any input > 2^31-1/138, i.e. 15,561,475 bytes.
+
+* src/basenc.c (base_length): Change input and output
+parameter types from int to idx_t since this needs to
+cater for the full input size in the base58 case.
+(base58_length): Likewise.  Also reorder the calculation
+to be less exact, but doing the division first
+to minimize the chance of overflow (which now on 64 bit
+would only happen for inputs > around 6 Exa bytes).
+* tests/basenc/basenc-large.sh: Add a new test,
+that triggers with valgrind or ASAN.
+* tests/local.mk: Reference the new test.
+* NEWS: Mention the bug fix.
+---
+ src/basenc.c                 | 43 +++++++++++++++++++++++++------------------
+ 4 files changed, 58 insertions(+), 18 deletions(-)
+ create mode 100755 tests/basenc/basenc-large.sh
+
+diff --git a/src/basenc.c b/src/basenc.c
+index 1fb7a16f5..ae55f8e32 100644
+--- a/src/basenc.c
++++ b/src/basenc.c
+@@ -253,7 +253,7 @@ static_assert (DEC_BLOCKSIZE % 12 == 0); /* Complete encoded blocks are used. */
+ static_assert (DEC_BLOCKSIZE % 40 == 0); /* complete encoded blocks for base32*/
+ static_assert (DEC_BLOCKSIZE % 12 == 0); /* complete encoded blocks for base64*/
+ 
+-static int (*base_length) (int i);
++static idx_t (*base_length) (idx_t len);
+ static int (*required_padding) (int i);
+ static bool (*isubase) (unsigned char ch);
+ static void (*base_encode) (char const *restrict in, idx_t inlen,
+@@ -427,8 +427,8 @@ decode_ctx_finalize (struct base_decode_context *ctx,
+ 
+ #if BASE_TYPE == 42
+ 
+-static int
+-base64_length_wrapper (int len)
++static idx_t
++base64_length_wrapper (idx_t len)
+ {
+   return BASE64_LENGTH (len);
+ }
+@@ -526,8 +526,8 @@ base64url_decode_ctx_wrapper (struct base_decode_context *ctx,
+ 
+ 
+ 
+-static int
+-base32_length_wrapper (int len)
++static idx_t
++base32_length_wrapper (idx_t len)
+ {
+   return BASE32_LENGTH (len);
+ }
+@@ -740,8 +740,8 @@ isubase16 (unsigned char ch)
+   return ch < sizeof base16_to_int && 0 <= base16_to_int[ch];
+ }
+ 
+-static int
+-base16_length (int len)
++static idx_t
++base16_length (idx_t len)
+ {
+   return len * 2;
+ }
+@@ -820,13 +820,14 @@ base16_decode_ctx (struct base_decode_context *ctx,
+ 
+ 
+ 
+-
+-static int
+-z85_length (int len)
++ATTRIBUTE_PURE
++static idx_t
++z85_length (idx_t len)
+ {
+   /* Z85 does not allow padding, so no need to round to highest integer.  */
+-  int outlen = (len * 5) / 4;
+-  return outlen;
++  idx_t z85_len = (len * 5) / 4;
++  affirm (0 <= z85_len);
++  return z85_len;
+ }
+ 
+ static bool
+@@ -1015,8 +1016,8 @@ isubase2 (unsigned char ch)
+   return ch == '0' || ch == '1';
+ }
+ 
+-static int
+-base2_length (int len)
++static idx_t
++base2_length (idx_t len)
+ {
+   return len * 8;
+ }
+@@ -1206,12 +1207,17 @@ isubase58 (unsigned char ch)
+ }
+ 
+ 
+-static int
+-base58_length (int len)
++ATTRIBUTE_PURE
++static idx_t
++base58_length (idx_t len)
+ {
+   /* Base58 output length is approximately log(256)/log(58),
+-     so ensure we've enough place for that + NUL.  */
+-  return (len * 138) / 100 + 1;
++     which is approximately len * 138 / 100,
++     which is at most ((len + 100 - 1) / 100) * 138
++     +1 to ensure we've enough place for NUL  */
++  idx_t base58_len = ((len + 99) / 100) * 138 + 1;
++  affirm (0 < base58_len);
++  return base58_len;
+ }
+ 
+ 
+@@ -1268,6 +1274,7 @@ base58_encode (char const* data, size_t data_len,
+   if (data_len - zeros)
+     {
+       mpz_import (num, data_len - zeros, 1, 1, 0, 0, data + zeros);
++      affirm (mpz_sizeinbase (num, 58) + 1 <= *outlen);
+       for (p = mpz_get_str (p, 58, num); *p; p++)
+         *p = gmp_to_base58[to_uchar (*p)];
+     }
+-- 
+cgit v1.2.3
diff --git a/utils/coreutils/patch.d/coreutils-9.8-tail-offset.patch b/utils/coreutils/patch.d/coreutils-9.8-tail-offset.patch
new file mode 100644
index 000000000..44b7334b5
--- /dev/null
+++ b/utils/coreutils/patch.d/coreutils-9.8-tail-offset.patch
@@ -0,0 +1,35 @@
+https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=914972e80dbf82aac9ffe3ff1f67f1028e1a788b
+(Dropped the test to avoid autoreconf.)
+
+From 914972e80dbf82aac9ffe3ff1f67f1028e1a788b Mon Sep 17 00:00:00 2001
+From: Hannes Braun <hannes@hannesbraun.net>
+Date: Wed, 24 Sep 2025 21:20:49 +0200
+Subject: tail: fix tailing larger number of lines in regular files
+
+* src/tail.c (file_lines): Seek to the previous block instead of the
+beginning (or a little before) of the block that was just scanned.
+Otherwise, the same block is read and scanned (at least partially)
+again. This bug was introduced by commit v9.7-219-g976f8abc1.
+* tests/tail/basic-seek.sh: Add a new test.
+* tests/local.mk: Reference the new test.
+* NEWS: mention the bug fix.
+---
+ src/tail.c               |  2 +-
+ tests/local.mk           |  1 +
+ tests/tail/basic-seek.sh | 28 ++++++++++++++++++++++++++++
+ 4 files changed, 34 insertions(+), 1 deletion(-)
+ create mode 100755 tests/tail/basic-seek.sh
+
+diff --git a/src/tail.c b/src/tail.c
+index b8bef1d91..c7779c77d 100644
+--- a/src/tail.c
++++ b/src/tail.c
+@@ -596,7 +596,7 @@ file_lines (char const *prettyname, int fd, struct stat const *sb,
+           goto free_buffer;
+         }
+ 
+-      pos = xlseek (fd, -bufsize, SEEK_CUR, prettyname);
++      pos = xlseek (fd, -(bufsize + bytes_read), SEEK_CUR, prettyname);
+       bytes_read = read (fd, buffer, bufsize);
+       if (bytes_read < 0)
+         {