Wind River Support Network

HomeDefectsLIN1023-13170
Acknowledged

LIN1023-13170 : Security Advisory - coreutils - CVE-2025-5278

Created: May 28, 2025    Updated: Jun 20, 2025
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Userspace

Description

A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.

CREATE(Triage):(User=admin) CVE-2025-5278 (https://nvd.nist.gov/vuln/detail/CVE-2025-5278)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube