Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 19 results


CVE-2024-0684

Medium priority
Not affected

A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and...

1 affected packages

coreutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
coreutils Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2015-4042

Low priority
Ignored

Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings.

1 affected packages

coreutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
coreutils
Show less packages

CVE-2015-4041

Low priority
Ignored

The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a...

1 affected packages

coreutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
coreutils
Show less packages

CVE-2018-1063

Low priority
Vulnerable

Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when...

1 affected packages

policycoreutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
policycoreutils Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2017-18018

Low priority
Ignored

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary...

1 affected packages

coreutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
coreutils Not affected Not affected Ignored Ignored
Show less packages

CVE-2015-1865

Low priority
Ignored

fts.c in coreutils 8.4 allows local users to delete arbitrary files.

1 affected packages

coreutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
coreutils
Show less packages

CVE-2016-2781

Low priority
Vulnerable

chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.

1 affected packages

coreutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
coreutils Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2016-7545

Medium priority
Ignored

SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.

1 affected packages

policycoreutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
policycoreutils Not affected Not affected
Show less packages

CVE-2014-9471

Medium priority
Fixed

The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the "--date=TZ="123"345" @1" string to the...

1 affected packages

coreutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
coreutils
Show less packages

CVE-2014-3215

Medium priority
Ignored

seunshare in policycoreutils 2.2.5 is owned by root with 4755 permissions, and executes programs in a way that changes the relationship between the setuid system call and the getresuid saved set-user-ID value, which makes it...

1 affected packages

policycoreutils

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
policycoreutils Not affected
Show less packages