Published: 23/11/2013 Updated: 13/02/2023

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 188

Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent malicious users to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat enterprise linux 6.0
opensuse opensuse 11.4
opensuse opensuse 12.2
opensuse opensuse 12.1

Synopsis Low: coreutils security, bug fix, and enhancement update Type/Severity Security Advisory: Low Topic Updated coreutils packages that fix three security issues, several bugs,and add two enhancements are now available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this upd ...

It was discovered that the sort, uniq, and join utilities did not properly restrict the use of the alloca() function An attacker could use this flaw to crash those utilities by providing long input strings (CVE-2013-0221, CVE-2013-0222, CVE-2013-0223) ...

CWE-119 https://bugzilla.novell.com/show_bug.cgi?id=796243 https://build.opensuse.org/request/show/149348#diff_headline_coreutils-i18n-patch_diff_action_0_submit_0_19 http://rhn.redhat.com/errata/RHSA-2013-1652.html https://bugzilla.redhat.com/show_bug.cgi?id=903465 https://access.redhat.com/errata/RHSA-2013:1652 https://nvd.nist.gov https://alas.aws.amazon.com/ALAS-2013-261.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-0222

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect