NewStart CGSL MAIN 6.06 : coreutils Multiple Vulnerabilities (NS-SA-2025-0228)

critical Nessus Plugin ID 266248

Synopsis

The remote NewStart CGSL host is affected by multiple vulnerabilities.

Description

The remote NewStart CGSL host, running version MAIN 6.06, has coreutils packages installed that are affected by multiple vulnerabilities:

- Gnulib before 2017-04-26 has a heap-based buffer overflow with the TZ environment variable. The error is in the save_abbr function in time_rz.c. (CVE-2017-7476)

- The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via long UTF-8 strings. (CVE-2015-4041)

- Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings. (CVE-2015-4042)

- In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX -R -L options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition. (CVE-2017-18018)

- The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing. (CVE-2018-17942)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade the vulnerable CGSL coreutils packages. Note that updated packages may not be available yet. Please contact ZTE for more information.

See Also

https://security.gd-linux.com/notice/NS-SA-2025-0228

https://security.gd-linux.com/info/CVE-2015-4041

https://security.gd-linux.com/info/CVE-2015-4042

https://security.gd-linux.com/info/CVE-2017-18018

https://security.gd-linux.com/info/CVE-2017-7476

https://security.gd-linux.com/info/CVE-2018-17942

Plugin Details

Severity: Critical

ID: 266248

File Name: newstart_cgsl_NS-SA-2025-0228_coreutils.nasl

Version: 1.1

Type: local

Published: 9/30/2025

Updated: 9/30/2025

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: CVE-2017-7476

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:zte:cgsl_main:coreutils-common, cpe:/o:zte:cgsl_main:6, p-cpe:/a:zte:cgsl_main:coreutils

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/ZTE-CGSL/release, Host/ZTE-CGSL/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/30/2025

Vulnerability Publication Date: 5/15/2015

Reference Information

CVE: CVE-2015-4041, CVE-2015-4042, CVE-2017-18018, CVE-2017-7476, CVE-2018-17942