Vulnerability CVE-2015-5218: Information

Description

Buffer overflow in text-utils/colcrt.c in colcrt in util-linux before 2.27 allows local users to cause a denial of service (crash) via a crafted file, related to the page global variable.

Severity: LOW (2.1)

URL: https://nvd.nist.gov/vuln/detail/CVE-2015-5218

Published: Nov. 9, 2015

Modified: Oct. 30, 2018

Error type identifier: CWE-119

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
util-linux	c7	2.22.1-alt1.M70C.3	2.22.1-alt1.M70C.3	ALT-PU-2016-1269-1	161546	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
https://github.com/kerolasa/lelux-utiliteetit/commit/70e3fcf293c1827a2655a86584ab13075124a8a8	Patch Issue Tracking Third Party Advisory
[util-linux] 20150807 crash in colcrt	Exploit
https://www.kernel.org/pub/linux/utils/util-linux/v2.27/v2.27-ReleaseNotes	Release Notes Vendor Advisory
openSUSE-SU-2015:1910	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1259322	Issue Tracking Third Party Advisory
https://github.com/kerolasa/lelux-utiliteetit/commit/d883d64d96ab9bef510745d064a351145b9babec	Issue Tracking Patch Third Party Advisory

Affected configurations:
1. Configuration 1
  cpe:2.3:a:kernel:util-linux:*:*:*:*:*:*:*:*
  End including
  2.22
  
  Configuration 2
  cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*
  cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
  cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Version: v24.5.0

Vulnerability CVE-2015-5218: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2