Coreutils
by GNU
CVEs (13)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-18018 | Hig | 0.46 | 7.1 | 0.00 | Jan 4, 2018 | In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition. | ||
| CVE-2015-1865 | Med | 0.33 | 5.1 | 0.00 | Sep 20, 2017 | fts.c in coreutils 8.4 allows local users to delete arbitrary files. | ||
| CVE-2016-2781 | Med | 0.30 | 4.6 | 0.00 | Feb 7, 2017 | chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. | ||
| CVE-2025-5278 | Med | 0.22 | 4.4 | 0.00 | May 27, 2025 | A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a… | ||
| CVE-2014-9471 | 0.01 | — | 0.07 | Jan 16, 2015 | The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command. | |||
| CVE-2024-0684 | 0.00 | — | 0.00 | Feb 6, 2024 | A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service. | |||
| CVE-2015-4042 | 0.00 | — | 0.02 | Jan 24, 2020 | Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings. | |||
| CVE-2015-4041 | 0.00 | — | 0.01 | Jan 24, 2020 | The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a denial of service (heap-based buffer overflow… | |||
| CVE-2013-0223 | 0.00 | — | 0.01 | Nov 23, 2013 | The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join command, when using the -i switch, which triggers a stack-based buffer overflow in the alloca function. | |||
| CVE-2013-0222 | 0.00 | — | 0.00 | Nov 23, 2013 | The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function. | |||
| CVE-2009-4135 | 0.00 | — | 0.00 | Dec 11, 2009 | The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp. | |||
| CVE-2008-1946 | 0.00 | — | 0.00 | Jul 28, 2008 | The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command line, related to improper use of the pam_succeed_if.so module. | |||
| CVE-2005-1039 | 0.00 | — | 0.00 | May 2, 2005 | Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files. |
- risk 0.46cvss 7.1epss 0.00
In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.
- risk 0.33cvss 5.1epss 0.00
fts.c in coreutils 8.4 allows local users to delete arbitrary files.
- risk 0.30cvss 4.6epss 0.00
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
- risk 0.22cvss 4.4epss 0.00
A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a…
- CVE-2014-9471Jan 16, 2015risk 0.01cvss —epss 0.07
The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command.
- CVE-2024-0684Feb 6, 2024risk 0.00cvss —epss 0.00
A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.
- CVE-2015-4042Jan 24, 2020risk 0.00cvss —epss 0.02
Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings.
- CVE-2015-4041Jan 24, 2020risk 0.00cvss —epss 0.01
The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a denial of service (heap-based buffer overflow…
- CVE-2013-0223Nov 23, 2013risk 0.00cvss —epss 0.01
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join command, when using the -i switch, which triggers a stack-based buffer overflow in the alloca function.
- CVE-2013-0222Nov 23, 2013risk 0.00cvss —epss 0.00
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function.
- CVE-2009-4135Dec 11, 2009risk 0.00cvss —epss 0.00
The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp.
- CVE-2008-1946Jul 28, 2008risk 0.00cvss —epss 0.00
The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command line, related to improper use of the pam_succeed_if.so module.
- CVE-2005-1039May 2, 2005risk 0.00cvss —epss 0.00
Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files.