Search CVE reports
1 – 10 of 19 results
CVE-2024-0684
Medium priorityA flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and...
1 affected package
coreutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
coreutils | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2015-4042
Low priorityInteger overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings.
1 affected package
coreutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
coreutils | — | — | — | — | — |
CVE-2015-4041
Low priorityThe keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a...
1 affected package
coreutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
coreutils | — | — | — | — | — |
CVE-2018-1063
Low priorityContext relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when...
1 affected package
policycoreutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
policycoreutils | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2017-18018
Low priorityIn GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary...
1 affected package
coreutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
coreutils | — | Not affected | Not affected | Ignored | Ignored |
CVE-2015-1865
Low priorityfts.c in coreutils 8.4 allows local users to delete arbitrary files.
1 affected package
coreutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
coreutils | — | — | — | — | — |
CVE-2016-2781
Low prioritychroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
1 affected package
coreutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
coreutils | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2016-7545
Medium prioritySELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.
1 affected package
policycoreutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
policycoreutils | — | — | — | Not affected | Not affected |
CVE-2014-9471
Medium priorityThe parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the...
1 affected package
coreutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
coreutils | — | — | — | — | — |
CVE-2014-3215
Medium priorityseunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it...
1 affected package
policycoreutils
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
policycoreutils | — | — | — | — | Not affected |