CVE-2025-5278 – “GNU Coreutils Sort Utility Heap Buffer Under-Read Vulnerability”

May 27, 2025

CVE ID : CVE-2025-5278

Published : May 27, 2025, 9:15 p.m. | 3 hours, 44 minutes ago

Description : A flaw was found in GNU Coreutils. The sort utility’s begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.

Severity: 4.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5222 – ICU Buffer Overflow Vulnerability

Next Article CVE-2025-5283 – Google Chrome libvpx Use-After-Free Heap Corruption Vulnerability

This week in AI updates: Mistral’s new Le Chat features, ChatGPT updates, and more (September 5, 2025)

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Hitachi Energy Pledges $1B to Strengthen US Grid, Build Largest Transformer Plant in Virginia

How to debug a web app with Playwright MCP and GitHub Copilot

Between Strategy and Story: Thierry Chopain’s Creative Path

What You Need to Know About CSS Color Interpolation

Why browsers throttle JavaScript timers (and what to do about it)

Why browsers throttle JavaScript timers (and what to do about it)

How to create Google Gemini AI component in Total.js Flow

Drupal 11’s AI Features: What They Actually Mean for Your Team

Harnessing GitOps on Linux for Seamless, Git-First Infrastructure Management

Harnessing GitOps on Linux for Seamless, Git-First Infrastructure Management

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

CVE-2025-5278 – “GNU Coreutils Sort Utility Heap Buffer Under-Read Vulnerability”

GhostRedirector poisons Windows servers: Backdoors with a side of Potatoes

VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages

Gemini adds powerful new Deep Think model – what it does and who can try it

CVE-2014-7210 – Debian pdns MySQL Privilege Escalation

Blade Service Injection: Direct Service Access in Laravel Templates

CVE-2025-5660 – PHPGurukul Complaint Management System SQL Injection Vulnerability

Meet Boti: The AI assistant transforming how the citizens of Buenos Aires access government information with Amazon Bedrock

Using generative AI, researchers design compounds that can kill drug-resistant bacteria

Can GPT-5 fix Apple Intelligence? We’re about to find out

AdGuard joins the Windows Recall backlash party — “Leaving backdoors wide open and hoping Microsoft will always act in good faith isn’t a solid privacy strategy”

CVE-2025-5278 – “GNU Coreutils Sort Utility Heap Buffer Under-Read Vulnerability”

Related Posts