Lucene search
K

826 matches found

OSV
OSV
added 6 days ago3 views

RHSA-2026:33124 Red Hat Security Advisory: coreutils security update

Bulletin has no description...

4.4CVSS5.7AI score0.00223EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added last week4 views

coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification

A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...

4.4CVSS5.9AI score0.00223EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added last week5 views

Moderate: Red Hat Security Advisory: coreutils security update

An update for coreutils is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

4.4CVSS5.8AI score0.00223EPSS
Exploits0References2
OSV
OSV
added 2026/06/24 10:8 a.m.4 views

RHSA-2026:28911 Red Hat Security Advisory: coreutils security update

Bulletin has no description...

4.4CVSS5.8AI score0.00223EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2026/06/24 9:9 a.m.9 views

Moderate: Red Hat Security Advisory: coreutils security update

An update for coreutils is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

4.4CVSS5.9AI score0.00223EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/06/24 9:9 a.m.9 views

coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification

A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...

4.4CVSS6AI score0.00223EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2026/06/24 12:0 a.m.6 views

Moderate: coreutils security update

The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fixes: coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification CVE-2025-5278 For more details about the security...

4.4CVSS5.9AI score0.00223EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in coreutils

The vulnerability of the GNU Core Utilities basic utility package relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...

8.8CVSS6.1AI score
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in coreutils

The vulnerability of the GNU Core Utilities basic utility package relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to cause a service failure...

5.5CVSS6.2AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.6 views

CentOS 9 : coreutils-8.32-42.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the coreutils-8.32-42.el9 build changelog. - A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory...

4.4CVSS5.7AI score0.00223EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/29 10:8 a.m.7 views

CVE-2026-35379

A flaw was found in the tr utility of uutils coreutils. A logic error causes the program to incorrectly define the :graph: and :print: character classes, reversing their standard behavior. This vulnerability can lead to unintended data modification or loss when the utility is used in automated...

3.3CVSS5.5AI score0.00149EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/29 10:8 a.m.6 views

CVE-2026-35378

A flaw was found in the expr utility of uutils coreutils. A logic error in how the utility evaluates parenthesized subexpressions prevents proper short-circuiting for logical OR and AND operations. This can lead to arithmetic errors, such as division by zero, in parts of expressions that should b...

3.3CVSS5.2AI score0.00156EPSS
Exploits1References2
Redos
Redos
added 2026/04/29 12:0 a.m.7 views

ROS-20260429-73-0001

A vulnerability in the begfield function of the GNU Core Utilities GNU Coreutils sort component is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to disclose protected information and cause a denial of service...

4.4CVSS5.1AI score0.00223EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/24 8:32 p.m.9 views

CVE-2026-35348

The sort utility in uutils coreutils is vulnerable to a process panic when using the --files0-from option with inputs containing non-UTF-8 filenames. The implementation enforces UTF-8 encoding and utilizes expect, causing an immediate crash when encountering valid but non-UTF-8 paths. This diverg...

5.5CVSS5.2AI score0.00134EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/24 8:32 p.m.4 views

CVE-2026-35370

The id utility in uutils coreutils miscalculates the groups= section of its output. The implementation uses a user's real GID instead of their effective GID to compute the group list, leading to potentially divergent output compared to GNU coreutils. Because many scripts and automated processes...

4.4CVSS5.2AI score0.00108EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/24 8:32 p.m.7 views

CVE-2026-35339

The recursive mode -R of the chmod utility in uutils coreutils incorrectly handles exit codes when processing multiple files. The final return value is determined solely by the success or failure of the last file processed. This allows the command to return an exit code of 0 success even if error...

5.5CVSS5.4AI score0.00142EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/24 8:32 p.m.7 views

CVE-2026-35340

A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownershi...

5.5CVSS5.3AI score0.00142EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/24 8:32 p.m.7 views

CVE-2026-35358

The cp utility in uutils coreutils, when performing recursive copies -R, incorrectly treats character and block device nodes as stream sources rather than preserving them. Because the implementation reads bytes into regular files at the destination instead of using mknod, device semantics are...

5.5CVSS5.2AI score0.00177EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/24 7:16 p.m.8 views

CVE-2026-35375

A logic error in the split utility of uutils coreutils causes the corruption of output filenames when provided with non-UTF-8 prefix or suffix inputs. The implementation utilizes tostringlossy when constructing chunk filenames, which automatically rewrites invalid byte sequences into the UTF-8...

3.3CVSS5.4AI score0.00143EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/04/24 7:16 p.m.6 views

CVE-2026-35349

A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The implementation uses a path-string check rather than comparing device and inode numbers to identify the root directory. An attacker or accidental user can bypass this safeguard by using a...

7.7CVSS5.4AI score0.00184EPSS
Exploits0References2
Rows per page
Query Builder