Fluid Attacks Database

Description

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the join command, when using the -i switch, which triggers a stack-based buffer overflow in the alloca function.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel5	coreutils	-	-
rpm rhel6	coreutils	<0:8.4-31.el6	0:8.4-31.el6

Aliases

1. CVE-2013-02232. NVD-2013-02233. OSV-2013-0223

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.