Gnu: >> Coreutils >> 9.2 Security Vulnerabilities
A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.
CVSS Score
5.5
EPSS Score
0.001
Published
2024-02-06
chroot in GNU coreutils, when used with --userspec, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer.
CVSS Score
6.5
EPSS Score
0.001
Published
2017-02-07