Debian Coreutils vulnerabilities

18 known vulnerabilities affecting debian/coreutils.

Total CVEs: 18
CISA KEV: 0
Public exploits: 3
Exploited in wild: 0
Severity breakdown: MEDIUM 3, LOW 15

Vulnerabilities

CVE-2025-5278 | LOW | CVSS 4.4 | 2025
CVE-2025-5278 [MEDIUM] coreutils - A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data. Scope: local. bookworm: open; bullseye: open; forky: open; sid:
debian
CVE-2024-0684 | LOW | CVSS 5.5 | fixed in coreutils 9.5-1 (forky) | 2024
CVE-2024-0684 [MEDIUM] coreutils - A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved (fixed in 9.5-1); sid: resolved (fixed in 9.5-1); tri
debian
CVE-2017-2616 | LOW | CVSS 5.5 | fixed in coreutils 8.20-1 (bookworm) | 2017
CVE-2017-2616 [MEDIUM] coreutils - A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. Scope: local. bookworm: resolved (fixed in 8.20-1); bullseye: resolved (fixed in 8.20-1); forky: resolved (fixed in 8.20-1); sid: resol
debian
CVE-2017-18018 | LOW | CVSS 7.1 | 2017
CVE-2017-18018 [HIGH] coreutils - In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition. Scope: local. bookworm: open; bullseye: open; forky: open; sid: open; trixie: open
debian
CVE-2016-2781 | LOW | CVSS 4.6 | fixed in coreutils 9.4-1 (forky) | 2016
CVE-2016-2781 [MEDIUM] coreutils - chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. Scope: local. bookworm: open; bullseye: open; forky: resolved (fixed in 9.4-1); sid: resolved (fixed in 9.4-1); trixie: resolved (fixed in 9.4-1)
debian
CVE-2015-1865 | LOW | CVSS 5.1 | fixed in coreutils 8.13-1 (bookworm) | 2015
CVE-2015-1865 [MEDIUM] coreutils - fts.c in coreutils 8.4 allows local users to delete arbitrary files. Scope: local. bookworm: resolved (fixed in 8.13-1); bullseye: resolved (fixed in 8.13-1); forky: resolved (fixed in 8.13-1); sid: resolved (fixed in 8.13-1); trixie: resolved (fixed in 8.13-1)
debian
CVE-2015-4041 | LOW | CVSS 7.8 | 2015
CVE-2015-4041 [HIGH] coreutils - The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via long UTF-8 strings. Sc
debian
CVE-2015-4042 | LOW | CVSS 9.8 | 2015
CVE-2015-4042 [CRITICAL] coreutils - Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2014-9471 | LOW | CVSS 7.5 | fixed in coreutils 8.23-1 (bookworm) | 2014
CVE-2014-9471 [HIGH] coreutils - The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the touch or date command. Scope: local. bookworm: resolved (fixed in 8.23-1); bullseye: resolved (fixed in 8.23-1); forky: resolved (fixed in 8.
debian
CVE-2013-0221 | LOW | CVSS 4.3 | PoC | 2013
CVE-2013-0221 [MEDIUM] coreutils - The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the alloca function. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: res
debian
CVE-2013-0222 | LOW | CVSS 2.1 | 2013
CVE-2013-0222 [LOW] coreutils - The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2013-0223 | LOW | CVSS 1.9 | 2013
CVE-2013-0223 [LOW] coreutils - The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join command, when using the -i switch, which triggers a stack-based buffer overflow in the alloca function. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: res
debian
CVE-2009-4135 | LOW | CVSS 4.4 | 2009
CVE-2009-4135 [MEDIUM] coreutils - The distcheck rule in dist-check.mk in GNU coreutils 5.2.1 through 8.1 allows local users to gain privileges via a symlink attack on a file in a directory tree under /tmp. Scope: local. bookworm: resolved; bullseye: resolved; forky: resolved; sid: resolved; trixie: resolved
debian
CVE-2008-1946 | MEDIUM | CVSS 4.4 | fixed in coreutils 5.93-1 (bookworm) | 2008
CVE-2008-1946 [MEDIUM] coreutils - The default configuration of su in /etc/pam.d/su in GNU coreutils 5.2.1 allows local users to gain the privileges of a (1) locked or (2) expired account by entering the account name on the command line, related to improper use of the pam_succeed_if.so module. Scope: local. bookworm: resolved (fixed in 5.93-1); bullseye: resolved (fixed in 5.93-1); forky: resolved (fi
debian
CVE-2007-4998 | MEDIUM | CVSS 6.9 | fixed in coreutils 4.1.2 (bookworm) | 2007
CVE-2007-4998 [MEDIUM] coreutils - cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination. Scope: local. bookworm: resolved (fixed in 4.1.2); bullseye: resolved (fixed in 4.1.2); forky: resolved (fixed
debian
CVE-2005-1039 | LOW | CVSS 3.7 | fixed in coreutils 6.10-1 (bookworm) | 2005
CVE-2005-1039 [LOW] coreutils - Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files. Scope: local. bookworm: resolved (fixed in 6.10-1); bullseye: resolved (fixed in 6.10-1); forky: resolved (fixed in 6.10-1); sid: resolved (fixed in 6.10-1); trixie: resolved (fixed in 6.10-1)
debian
CVE-2003-0853 | MEDIUM | CVSS 5.0 | PoC | fixed in coreutils 5.2.1-1 (bookworm) | 2003
CVE-2003-0853 [MEDIUM] coreutils - An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. Scope: local. bookworm: resolved (fixed in 5.2.1-1); bullseye: resolved (fixed in 5.2.1-1); forky: resolved (fixed in 5.2.1-
debian
CVE-2003-0854 | LOW | CVSS 2.1 | PoC | fixed in coreutils 5.2.1-1 (bookworm) | 2003
CVE-2003-0854 [LOW] coreutils - ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. Scope: local. bookworm: resolved (fixed in 5.2.1-1); bullseye: resolved (fixed in 5.2.1-1); forky: resolved (fixed in 5.2.1-1); sid: resolved (fixed in 5.2.1-1); trixie: resolv
debian