CVE-2015-5218

2015-11-0916:59:06

CWE-119

redhat

web.nvd.nist.gov

cve-2015-5218

buffer overflow

colcrt.c

util-linux

denial of service

nvd

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

AI Score

8.2

Confidence

High

EPSS

Percentile

5.1%

JSON

Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable.

Affected configurations

Nvd

Node

kernelutil-linuxRange≤2.22

Node

opensuseopensuseMatch13.1

opensuseopensuseMatch13.2

opensuse_projectleapMatch42.1

VendorProductVersionCPE
kernelutil-linux*cpe:2.3:a:kernel:util-linux:*:*:*:*:*:*:*:*
opensuseopensuse13.1cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
opensuseopensuse13.2cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
opensuse_projectleap42.1cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kernel	util-linux	*	cpe:2.3:a:kernel:util-linux::::::::
opensuse	opensuse	13.1	cpe:2.3:o:opensuse:opensuse:13.1:::::::*
opensuse	opensuse	13.2	cpe:2.3:o:opensuse:opensuse:13.2:::::::*
opensuse_project	leap	42.1	cpe:2.3:o:opensuse_project:leap:42.1:::::::*