Veracode Vulnerability DatabaseVERACODE:10763Denial Of Service (DoS)
0.026 Low
EPSS
Percentile
90.3%
coreutils is vulnerable to denial of service. The sort, uniq, and join utilities did not properly restrict the use of the alloca() function, which allows an attacker to crash those utilities in a stack-based buffer overflow by providing long input strings
References
rhn.redhat.com/errata/RHSA-2013-1652.html
access.redhat.com/errata/RHSA-2013:1652
access.redhat.com/security/cve/CVE-2013-0221
access.redhat.com/security/updates/classification/#low
access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.5_Technical_Notes/coreutils.html#RHSA-2013-1652
bugzilla.novell.com/show_bug.cgi?id=798538
bugzilla.redhat.com/show_bug.cgi?id=747592
bugzilla.redhat.com/show_bug.cgi?id=816708
bugzilla.redhat.com/show_bug.cgi?id=827199
bugzilla.redhat.com/show_bug.cgi?id=836557
bugzilla.redhat.com/show_bug.cgi?id=842040
bugzilla.redhat.com/show_bug.cgi?id=903464
bugzilla.redhat.com/show_bug.cgi?id=908980
bugzilla.redhat.com/show_bug.cgi?id=965654
bugzilla.redhat.com/show_bug.cgi?id=980061
build.opensuse.org/request/show/149348#diff_headline_coreutils-i18n-patch_diff_action_0_submit_0_19
rhn.redhat.com/errata/RHSA-2013-1652.html
Related
