{ "dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": { "cveId": "CVE-2025-5278", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2025-05-27T14:05:48.552Z", "datePublished": "2025-05-27T20:52:58.545Z", "dateUpdated": "2025-10-22T20:13:44.850Z" }, "containers": { "cna": { "title": "Coreutils: heap buffer under-read in gnu coreutils sort via key specification", "metrics": [ { "other": { "content": { "value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L", "version": "3.1" }, "format": "CVSS" } ], "descriptions": [ { "lang": "en", "value": "A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data." } ], "affected": [ { "versions": [ { "status": "affected", "version": "7.2", "lessThan": "9.8", "versionType": "semver" } ], "packageName": "coreutils", "collectionURL": "https://cgit.git.savannah.gnu.org/cgit/coreutils.git/", "defaultStatus": "unaffected" }, { "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "coreutils", "defaultStatus": "affected", "cpes": [ "cpe:/o:redhat:enterprise_linux:10" ] }, { "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "coreutils", "defaultStatus": "unknown", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ] }, { "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "coreutils", "defaultStatus": "unknown", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ] }, { "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "coreutils", "defaultStatus": "affected", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ] }, { "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "coreutils", "defaultStatus": "affected", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ] }, { "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhcos", "defaultStatus": "affected", "cpes": [ "cpe:/a:redhat:openshift:4" ] } ], "references": [ { "url": "https://access.redhat.com/security/cve/CVE-2025-5278", "tags": [ "vdb-entry", "x_refsource_REDHAT" ] }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368764", "name": "RHBZ#2368764", "tags": [ "issue-tracking", "x_refsource_REDHAT" ] }, { "url": "https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633" } ], "datePublic": "2025-05-27T00:00:00.000Z", "problemTypes": [ { "descriptions": [ { "cweId": "CWE-121", "description": "Stack-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "x_redhatCweChain": "CWE-121: Stack-based Buffer Overflow", "workarounds": [ { "lang": "en", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." } ], "timeline": [ { "lang": "en", "time": "2025-05-27T13:50:20.148000+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2025-05-27T00:00:00+00:00", "value": "Made public." } ], "credits": [ { "lang": "en", "value": "Red Hat would like to thank Mohamed Maatallah for reporting this issue." } ], "providerMetadata": { "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-10-22T20:13:44.850Z" } }, "adp": [ { "title": "CVE Program Container", "references": [ { "url": "http://www.openwall.com/lists/oss-security/2025/05/27/2" }, { "url": "http://www.openwall.com/lists/oss-security/2025/05/29/1" }, { "url": "https://security-tracker.debian.org/tracker/CVE-2025-5278" }, { "url": "https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633" }, { "url": "https://cgit.git.savannah.gnu.org/cgit/coreutils.git/tree/NEWS?id=8c9602e3a145e9596dc1a63c6ed67865814b6633#n14" }, { "url": "http://www.openwall.com/lists/oss-security/2025/05/29/2" } ], "providerMetadata": { "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-05-29T18:03:55.440Z" } }, { "metrics": [ { "other": { "type": "ssvc", "content": { "timestamp": "2025-05-28T13:46:35.101788Z", "id": "CVE-2025-5278", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "version": "2.0.3" } } } ], "title": "CISA ADP Vulnrichment", "providerMetadata": { "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-28T13:48:21.860Z" } } ] } }