CVE-2015-5218

NONE EPSS 44.9%
Published Nov 9, 201510y ago · Modified Jun 17, 20262w ago
Find Similar
Published Nov 9, 2015 10y ago
Last Modified Jun 17, 2026 2w ago

Description

Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable.

Threat Intelligence

EPSS Exploit Probability
44.9% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety

Affected Products 4

VendorProductVersionRange
kernelutil-linux* ≤2.22
opensuseopensuse13.1any
opensuseopensuse13.2any
opensuse_projectleap42.1any

References 6

  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2015-11/msg00035.html
    Third Party Advisory
  • spinics.net http://www.spinics.net/lists/util-linux-ng/msg11873.html
    Exploit
  • bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1259322
    Issue TrackingThird Party Advisory
  • github.com https://github.com/kerolasa/lelux-utiliteetit/commit/70e3fcf293c1827a2655a86584ab13075124a8a8
    Issue TrackingPatchThird Party Advisory
  • github.com https://github.com/kerolasa/lelux-utiliteetit/commit/d883d64d96ab9bef510745d064a351145b9babec
    Issue TrackingPatchThird Party Advisory
  • kernel.org https://www.kernel.org/pub/linux/utils/util-linux/v2.27/v2.27-ReleaseNotes
    Release NotesVendor Advisory

Remediation

  • github.com https://github.com/kerolasa/lelux-utiliteetit/commit/70e3fcf293c1827a2655a86584ab13075124a8a8
    Issue TrackingPatchThird Party Advisory
  • github.com https://github.com/kerolasa/lelux-utiliteetit/commit/d883d64d96ab9bef510745d064a351145b9babec
    Issue TrackingPatchThird Party Advisory