CVE-2015-4041

ADVISORY - nist

Summary

The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via long UTF-8 strings.

EPSS Score⁠: 0.00066 (0.210)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-787⁠

Out-of-bounds Write

ADVISORY - redhat

CWE-122⁠

Heap-based Buffer Overflow

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.