https://bugzilla.novell.com/show_bug.cgi?id=798541

RHSA-2013:1652

https://bugzilla.redhat.com/show_bug.cgi?id=903466

https://build.opensuse.org/request/show/149348#diff_headline_coreutils-i18n-patch_diff_action_0_submit_0_19

The SUSE coreutils-i18n.patch for GNU coreutils allows context-dependent attackers to cause a denial of service (segmentation fault and crash) via a long string to the sort command, when using the (1) -d or (2) -M switch, which triggers a stack-based buffer overflow in the alloca function.

coreutils was updated to fix a bug in 'sort' :

Fixed memory handling error with case insensitive sort using UTF-8 (boo#928749).

Updated coreutils packages that fix three security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The coreutils package contains the core GNU utilities. It is a combination of the old GNU fileutils, sh-utils, and textutils packages.

It was discovered that the sort, uniq, and join utilities did not properly restrict the use of the alloca() function. An attacker could use this flaw to crash those utilities by providing long input strings. (CVE-2013-0221, CVE-2013-0222, CVE-2013-0223)

These updated coreutils packages include numerous bug fixes and two enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical Notes, linked to in the References, for information on the most significant of these changes.

All coreutils users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.

- Avoid segmentation fault in 'join -i' with long line     input (bnc#798541, VUL-1, CVE-2013-0223)

  - Avoid segmentation fault in 'uniq' with long line input     (bnc#796243, VUL-1, CVE-2013-0222)

  - Avoid segmentation fault in 'sort -d' and 'sort -M' with     long line input (bnc#798538, VUL-1, CVE-2013-0221)

  - don't leak a file descriptor for each non-seekable input

- Avoid segmentation fault in 'join -i' with long line     input (bnc#798541, VUL-1, CVE-2013-0223)

  - Avoid segmentation fault in 'uniq' with long line input     (bnc#796243, VUL-1, CVE-2013-0222)

  - Avoid segmentation fault in 'sort -d' and 'sort -M' with     long line input (bnc#798538, VUL-1, CVE-2013-0221)

It was discovered that the sort, uniq, and join utilities did not properly restrict the use of the alloca() function. An attacker could use this flaw to crash those utilities by providing long input strings. (CVE-2013-0221 , CVE-2013-0222 , CVE-2013-0223)

It was discovered that the sort, uniq, and join utilities did not properly restrict the use of the alloca() function. An attacker could use this flaw to crash those utilities by providing long input strings. (CVE-2013-0221, CVE-2013-0222, CVE-2013-0223)

From Red Hat Security Advisory 2013:1652 :

Updated coreutils packages that fix three security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The coreutils package contains the core GNU utilities. It is a combination of the old GNU fileutils, sh-utils, and textutils packages.

It was discovered that the sort, uniq, and join utilities did not properly restrict the use of the alloca() function. An attacker could use this flaw to crash those utilities by providing long input strings. (CVE-2013-0221, CVE-2013-0222, CVE-2013-0223)

These updated coreutils packages include numerous bug fixes and two enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.5 Technical Notes, linked to in the References, for information on the most significant of these changes.

All coreutils users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add these enhancements.

This coreutils update fixes three minor security issues :

  - VUL-1: CVE-2013-0221: segmentation fault in 'sort -d'     and 'sort -M' with long line input. (bnc#798538)

  - VUL-1: CVE-2013-0222: segmentation fault in 'uniq' with     long line input. (bnc#796243)

  - VUL-1: CVE-2013-0223: segmentation fault in 'join -i'     with long line input (bnc#798541)

Multiple vulnerabilities has been found and corrected in coreutils :

Long line inputs could trigger a segfault in the sort, uniq and join utilities (CVE-2013-0221, CVE-2013-0222, CVE-2013-0223).

The updated packages have been patched to correct these issues.

- fix multiple segmantation faults in i18n patch (by SUSE)     (#869442, #902917)-     CVE2013-0223/CVE2013-0221/CVE2013-0222

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

ID	Name	Product	Family	Severity
85916	F5 Networks BIG-IP : SUSE coreutils vulnerabilities (SOL16859)	Nessus	F5 Networks Local Security Checks	medium
83807	openSUSE Security Update : coreutils (openSUSE-2015-381)	Nessus	SuSE Local Security Checks	medium
79171	CentOS 6 : coreutils (CESA-2013:1652)	Nessus	CentOS Local Security Checks	medium
75167	openSUSE Security Update : coreutils (openSUSE-SU-2013:0232-1)	Nessus	SuSE Local Security Checks	medium
75162	openSUSE Security Update : coreutils (openSUSE-SU-2013:0233-1)	Nessus	SuSE Local Security Checks	medium
71401	Amazon Linux AMI : coreutils (ALAS-2013-261)	Nessus	Amazon Linux Local Security Checks	medium
71296	Scientific Linux Security Update : coreutils on SL6.x i386/x86_64 (20131121)	Nessus	Scientific Linux Local Security Checks	medium
71109	Oracle Linux 6 : coreutils (ELSA-2013-1652)	Nessus	Oracle Linux Local Security Checks	medium
71014	RHEL 6 : coreutils (RHSA-2013:1652)	Nessus	Red Hat Local Security Checks	medium
70134	SuSE 11.2 / 11.3 Security Update : coreutils (SAT Patch Numbers 8334 / 8336)	Nessus	SuSE Local Security Checks	medium
66041	Mandriva Linux Security Advisory : coreutils (MDVSA-2013:023-1)	Nessus	Mandriva Local Security Checks	medium
64420	Fedora 18 : coreutils-8.17-8.fc18 (2013-1455)	Nessus	Fedora Local Security Checks	medium

CVE-2013-0223

low

New! CVE Severity Now Using CVSS v3

Description

References

Details

Risk Information

CVSS v2

Vulnerable Software

Configuration 1

Tenable Plugins

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium

medium