EUVD-2026-24980

The sort utility in uutils coreutils is vulnerable to a process panic when using the --files0-from option with inputs containing non-UTF-8 filenames. The implementation enforces UTF-8 encoding and utilizes expect, causing an immediate crash when encountering valid but non-UTF-8 paths. This diverg...

CVE-2026-35348

The sort utility in uutils coreutils is vulnerable to a process panic when using the --files0-from option with inputs containing non-UTF-8 filenames. The implementation enforces UTF-8 encoding and utilizes expect, causing an immediate crash when encountering valid but non-UTF-8 paths. This diverg...

CVE-2026-35348

The sort utility in uutils coreutils is vulnerable to a process panic when using the --files0-from option with inputs containing non-UTF-8 filenames. The implementation enforces UTF-8 encoding and utilizes expect, causing an immediate crash when encountering valid but non-UTF-8 paths. This diverg...

CVE-2026-35348

The sort utility in uutils coreutils is vulnerable to a process panic when using the --files0-from option with inputs containing non-UTF-8 filenames. The implementation enforces UTF-8 encoding and utilizes expect, causing an immediate crash when encountering valid but non-UTF-8 paths. This diverg...

EUVD-2025-16308

Malicious code in bioql PyPI...

Amazon Linux 2023 : coreutils, coreutils-common, coreutils-single (ALAS2023-2025-1194)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1194 advisory. A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted...

EulerOS 2.0 SP12 : coreutils (EulerOS-SA-2025-2002)

According to the versions of the coreutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory...

SUSE CVE-2025-5278

A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...

CVE-2025-5278

A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...

DEBIAN-CVE-2025-5278

A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...

CVE-2025-5278

A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...

CVE-2025-5278

A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...

CVE-2025-5278 Coreutils: heap buffer under-read in gnu coreutils sort via key specification

A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...

CVE-2025-5278

CVE-2025-5278 (GNU Coreutils) : The sort utility’s begfield() is vulnerable to a heap buffer under-read, allowing access to memory outside the allocated buffer when a crafted command uses the traditional key format. The result can be a crash or leakage of sensitive data. Connected sources (EulerO...

CVE-2025-5278 Coreutils: heap buffer under-read in gnu coreutils sort via key specification

A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...

PT-2025-23038

Name of the Vulnerable Software and Affected Versions GNU Coreutils affected versions not specified Description A flaw was found in the sort utility's begfield function, which is vulnerable to a heap buffer under-read. This issue may cause the program to access memory outside the allocated buffer...

Multiple bugs in Caldera OpenServer utilities

Symlink problem on temporary files handling in sort and scoadmin...

sort creates temporary files insecurely

Overview The sort utility creates temporary files insecurely, making sort subject to a denial-of-service attack. Description The UNIX sort utility creates temporary files with predictable names. The creation is done in a manner to prevent information loss via a symlink attack, but existence of th...