oss-sec mailing list archives

CVE request for a bug in gnu coreutils 8.22

From: Qixue Xiao <s2exqx () gmail com>
Date: Fri, 14 Mar 2014 23:35:40 +0800

I am not sure whether this needs a CVE.


this bug will result an illegal memory access, which may be leak
information without authority.

and the author had fixed it after my report.

please see:
http://debbugs.gnu.org/cgi/bugreport.cgi?bug=16855


### Bug overview

    shuf -er or shuf -eer [ segment fault]
    impact [coreutils 8.22 ]

```
[15:03:59]xqx <at> server:~/data/xqx/projects/coreutils-8.22$
./obj-gcov/src/shuf -er
Segmentation fault (core dumped)

```

thanks
.

Current thread:

CVE request for a bug in gnu coreutils 8.22 Qixue Xiao (Mar 14)
- Re: CVE request for a bug in gnu coreutils 8.22 Marcus Meissner (Mar 14)
- <Possible follow-ups>
- CVE request for a bug in gnu coreutils 8.22 Qixue Xiao (Mar 19)
  - Re: CVE request for a bug in gnu coreutils 8.22 Solar Designer (Mar 19)