CVE-2013-0221
Published: 23 November 2013
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the alloca function.
Notes
Author | Note |
---|---|
mdeslaur | Debian/Ubuntu doesn't use the vulnerable patch |