Moderate: Red Hat Security Advisory: coreutils security update

An update for coreutils is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Moderate: coreutils security update

The coreutils packages contain the GNU Core Utilities and represent a combination of the previously used GNU fileutils, sh-utils, and textutils packages. Security Fixes: coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification CVE-2025-5278 For more details about the security...

Astra Linux – Vulnerability in libxml2

In libxml2 versions before 2.13.8 and 2.14.x before 2.14.2, there is a issue where xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this vulnerability, a crafted XML document must be validated against an XML schema with certain identity constraints, or a...

CentOS 9 : coreutils-8.32-42.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the coreutils-8.32-42.el9 build changelog. - A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory...

TencentOS Server 3: libxml2 (TSSA-2025:1013)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:1013 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

PT-2026-38858

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

BIT-JAVA-2025-32415

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

PT-2026-37837

In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used...

EulerOS Virtualization 2.10.0 : coreutils (EulerOS-SA-2026-1158)

According to the versions of the coreutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program ma...

K000159661: libxml2 vulnerabilities CVE-2025-32414 and CVE-2025-32415

Security Advisory Description CVE-2025-32414 In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memory access can occur in the Python API Python bindings because of an incorrect return value. This occurs in xmlPythonFileRead and xmlPythonFileReadRaw because of a difference between...

EulerOS Virtualization 2.13.0 : coreutils (EulerOS-SA-2025-2570)

According to the versions of the coreutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program ma...

EulerOS Virtualization 2.13.1 : coreutils (EulerOS-SA-2025-2535)

According to the versions of the coreutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program ma...

Security Bulletin: Vulnerability in libxml2 library (CVE-2025-32415) affects Power HMC.

Summary The libxml2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-32415 DESCRIPTION: In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer...

EulerOS 2.0 SP10 : coreutils (EulerOS-SA-2025-2381)

According to the versions of the coreutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory...

Amazon Linux 2023 : coreutils, coreutils-common, coreutils-single (ALAS2023-2025-1194)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1194 advisory. A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted...

Medium: coreutils

Issue Overview: A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash ...

EulerOS Virtualization 2.13.1 : libxml2 (EulerOS-SA-2025-2174)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap- based buffer under-read...

EulerOS 2.0 SP12 : coreutils (EulerOS-SA-2025-2033)

According to the versions of the coreutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory...

Linux Distros Unpatched Vulnerability : CVE-2025-5278

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the...

EulerOS 2.0 SP11 : coreutils (EulerOS-SA-2025-1922)

According to the versions of the coreutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory...