CVE-2025-5278

ADVISORY - nist

Summary

A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.

EPSS Score⁠: 0.00025 (0.054)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-121⁠

Stack-based Buffer Overflow

ADVISORY - redhat

CWE-121⁠

Stack-based Buffer Overflow

Impacted images

Advisories

NIST

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDCVE-2025-5278⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-121⁠

CVSS SCORE

4.4medium

Debian

CREATED

5 months ago

UPDATED

19 days ago

ADVISORY IDCVE-2025-5278⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

5 months ago

UPDATED

3 months ago

ADVISORY IDCVE-2025-5278⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Amazon

CREATED

1 month ago

UPDATED

23 days ago

ADVISORY IDALAS2023-2025-1194⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Red Hat

CREATED

5 months ago

UPDATED

5 months ago

ADVISORY IDCVE-2025-5278⁠

EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-121⁠

CVSS SCORE

4.4medium

Photon

CREATED

5 months ago

UPDATED

2 months ago

ADVISORY ID

CVE-2025-5278

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

4.4medium