← back
CVE-2013-0221

CVE-2013-0221

EPSS 7.3%
The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the alloca function.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/38232unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://rhn.redhat.com/errata/RHSA-2013-1652.htmlhttps://bugzilla.novell.com/show_bug.cgi?id=798538https://bugzilla.redhat.com/show_bug.cgi?id=903464https://build.opensuse.org/request/show/149348#diff_headline_coreutils-i18n-patch_diff_action_0_submit_0_19