PT-2020-7843 · Gnu+2 · Gnu Coreutils+2

Pádraig Brady

Published

2015-07-05

Updated

2024-06-15

CVE-2015-4042

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: GNU Coreutils versions through 8.23

Description: The issue is related to an integer overflow in the keycompare mb function in sort.c, which might allow attackers to cause a denial of service, such as an application crash, or possibly have other unspecified impacts via long strings.

Recommendations: For GNU Coreutils versions through 8.23, update to a version later than 8.23 to resolve the issue.

Exploit

Fix

DoS

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALT-PU-2015-1847

CVE-2015-4042

MGASA-2015-0259

OPENSUSE-SU-2024:10390-1

SUSE-SU-2015:1637-1

Affected Products

Alt Linux

Gnu Coreutils

Suse

PT-2020-7843 · Gnu+2 · Gnu Coreutils+2

CVE-2015-4042

Weakness Enumeration

Related Identifiers

Affected Products

References · 22