Gnu · Gnu Coreutils · CVE-2015-4041
Name of the Vulnerable Software and Affected Versions:
GNU Coreutils versions through 8.23
Description:
The issue arises from a size calculation error in the keycompare mb function, specifically when handling multibyte characters in UTF-8 strings on 64-bit platforms. This error can lead to a denial of service, resulting in a heap-based buffer overflow and application crash. It may also have other unspecified impacts when processing long UTF-8 strings.
Recommendations:
For GNU Coreutils versions through 8.23, update to a version that addresses this issue to prevent potential denial of service or other unspecified impacts.