CVE-2025-5278

EUVD-2025-16308
A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.
| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 4.4 MEDIUM | LOCAL | LOW | NONE | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L |
Awaiting analysis
This vulnerability is currently awaiting analysis.
EPSS Score percentile: 33%
Debian Releases
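| Debian Product | Codename | |
|---|---|---|
| coreutils | bookworm | unimportant |
| coreutils | bullseye | unimportant |
| coreutils | forky | unimportant |
| coreutils | sid | unimportant |
| coreutils | trixie | unimportant |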
openSUSE / SLES Releases
| openSUSE Product | Release | | |
|---|---|---|---|
| coreutils | suse enterprise desktop 15 SP6 | 8.32-150400.9.9.1 | fixed |
| coreutils | suse enterprise desktop 15 SP7 | 8.32-150400.9.9.1 | fixed |
| coreutils | suse enterprise sap 15 SP4 | 8.32-150400.9.9.1 | fixed |
| coreutils | suse enterprise sap 15 SP5 | 8.32-150400.9.9.1 | fixed |
| coreutils | suse enterprise sap 15 SP6 | 8.32-150400.9.9.1 | fixed |
| coreutils | suse enterprise sap 15 SP7 | 8.32-150400.9.9.1 | fixed |
| coreutils | suse enterprise server 12 SP3 | 8.25-13.19.1 | fixed |
| coreutils | suse enterprise server 12 SP5 | 8.25-13.19.1 | fixed |
| coreutils | suse enterprise server 15 SP3 | 8.32-150300.3.11.1 | fixed |
| coreutils | suse enterprise server 15 SP4 | 8.32-150400.9.9.1 | fixed |
| coreutils | suse enterprise server 15 SP5 | 8.32-150400.9.9.1 | fixed |
| coreutils | suse enterprise server 15 SP6 | 8.32-150400.9.9.1 | fixed |
| coreutils | suse enterprise server 15 SP7 | 8.32-150400.9.9.1 | fixed |
| coreutils-doc | suse enterprise desktop 15 SP6 | 8.32-150400.9.9.1 | fixed |
| coreutils-doc | suse enterprise desktop 15 SP7 | 8.32-150400.9.9.1 | fixed |
| coreutils-doc | suse enterprise sap 15 SP4 | 8.32-150400.9.9.1 | fixed |
| coreutils-doc | suse enterprise sap 15 SP5 | 8.32-150400.9.9.1 | fixed |
| coreutils-doc | suse enterprise sap 15 SP6 | 8.32-150400.9.9.1 | fixed |
| coreutils-doc | suse enterprise sap 15 SP7 | 8.32-150400.9.9.1 | fixed |
| coreutils-doc | suse enterprise server 15 SP3 | 8.32-150300.3.11.1 | fixed |
| coreutils-doc | suse enterprise server 15 SP4 | 8.32-150400.9.9.1 | fixed |
| coreutils-doc | suse enterprise server 15 SP5 | 8.32-150400.9.9.1 | fixed |
| coreutils-doc | suse enterprise server 15 SP6 | 8.32-150400.9.9.1 | fixed |
| coreutils-doc | suse enterprise server 15 SP7 | 8.32-150400.9.9.1 | fixed |
| coreutils-lang | suse enterprise desktop 15 SP6 | 8.32-150400.9.9.1 | fixed |
| coreutils-lang | suse enterprise desktop 15 SP7 | 8.32-150400.9.9.1 | fixed |
| coreutils-lang | suse enterprise sap 15 SP4 | 8.32-150400.9.9.1 | fixed |
| coreutils-lang | suse enterprise sap 15 SP5 | 8.32-150400.9.9.1 | fixed |
| coreutils-lang | suse enterprise sap 15 SP6 | 8.32-150400.9.9.1 | fixed |
| coreutils-lang | suse enterprise sap 15 SP7 | 8.32-150400.9.9.1 | fixed |
| coreutils-lang | suse enterprise server 12 SP3 | 8.25-13.19.1 | fixed |
| coreutils-lang | suse enterprise server 12 SP5 | 8.25-13.19.1 | fixed |
| coreutils-lang | suse enterprise server 15 SP3 | 8.32-150300.3.11.1 | fixed |
| coreutils-lang | suse enterprise server 15 SP4 | 8.32-150400.9.9.1 | fixed |
| coreutils-lang | suse enterprise server 15 SP5 | 8.32-150400.9.9.1 | fixed |
| coreutils-lang | suse enterprise server 15 SP6 | 8.32-150400.9.9.1 | fixed |
| coreutils-lang | suse enterprise server 15 SP7 | 8.32-150400.9.9.1 | fixed |