← Back

CVE-2013-0221

nvd nist
Published: Nov 23, 2013Modified: Apr 29, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:N/I:N/A:P
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the alloca function.

Affected (3)

Redhat
1 product
Enterprise Linux
Opensuse
1 product
Opensuse
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Linux
Version 6.0
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Opensuse
Version 12.1
Opensuse
Version 12.2

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (8)

Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
ExploitIssue Tracking
Source: secalert@redhat.com
Issue Tracking
Source: secalert@redhat.com
ExploitPatch
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue Tracking
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatch

Timeline

No history available yet.