Fluid Attacks Database

Description

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the uniq command, which triggers a stack-based buffer overflow in the alloca function.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel6	coreutils	<0:8.4-31.el6	0:8.4-31.el6
rpm rhel5	coreutils	-	-

Aliases

1. CVE-2013-02222. NVD-2013-02223. OSV-2013-0222

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.