CVE-2015-5218
NONE EPSS 44.9%
Published Nov 9, 201510y ago · Modified Jun 17, 20262w ago
Published Nov 9, 2015 10y ago
Last Modified Jun 17, 2026 2w ago
Description
Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable.
Threat Intelligence
EPSS Exploit Probability
44.9% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available
Weaknesses 1
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Memory Safety
Affected Products 4
| Vendor | Product | Version | Range |
|---|---|---|---|
| kernel | util-linux | * | ≤2.22 |
| opensuse | opensuse | 13.1 | any |
| opensuse | opensuse | 13.2 | any |
| opensuse_project | leap | 42.1 | any |
References 6
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2015-11/msg00035.html
- spinics.net http://www.spinics.net/lists/util-linux-ng/msg11873.html
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=1259322
- github.com https://github.com/kerolasa/lelux-utiliteetit/commit/70e3fcf293c1827a2655a86584ab13075124a8a8
- github.com https://github.com/kerolasa/lelux-utiliteetit/commit/d883d64d96ab9bef510745d064a351145b9babec
- kernel.org https://www.kernel.org/pub/linux/utils/util-linux/v2.27/v2.27-ReleaseNotes
Remediation
- github.com https://github.com/kerolasa/lelux-utiliteetit/commit/70e3fcf293c1827a2655a86584ab13075124a8a8
- github.com https://github.com/kerolasa/lelux-utiliteetit/commit/d883d64d96ab9bef510745d064a351145b9babec