GNU Coreutils 8.23 on x64

CPE Details

GNU Coreutils 8.23 on x64
gnu
coreutils
8.23
2020-02-21
16h32 +00:00
2020-02-21
16h32 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:gnu:coreutils:8.23:*:*:*:*:*:x64:*

Informations

Vendor

gnu

Product

coreutils

Version

8.23

Target Hardware

x64

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2015-4042 2020-01-24 15h59 +00:00 Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings.
9.8
Critical
CVE-2015-4041 2020-01-24 15h59 +00:00 The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via long UTF-8 strings.
7.8
High
CVE-2017-18018 2018-01-04 03h00 +00:00 In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.
4.7
Medium
CVE-2016-2781 2017-02-07 14h00 +00:00 chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
6.5
Medium