CVE-2025-5278 – “GNU Coreutils Sort Utility Heap Buffer Under-Read Vulnerability”

CVE ID : CVE-2025-5278

Published : May 27, 2025, 9:15 p.m. | 22 minutes ago

Description : A flaw was found in GNU Coreutils. The sort utility’s begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.

Severity: 4.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…