漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
uutils coreutils cp Semantic Loss and Potential Denial of Service with -R via Device Node Stream Reading
Vulnerability Description
The cp utility in uutils coreutils, when performing recursive copies (-R), incorrectly treats character and block device nodes as stream sources rather than preserving them. Because the implementation reads bytes into regular files at the destination instead of using mknod, device semantics are destroyed (e.g., /dev/null becomes a regular file). This behavior can lead to runtime denial of service through disk exhaustion or process hangs when reading from unbounded device nodes.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Vulnerability Type
使用不正确的解析名称或索引
Vulnerability Title
uutils coreutils 安全漏洞
Vulnerability Description
uutils coreutils是Uutils开源的一个跨平台核心命令行工具集。 uutils coreutils存在安全漏洞,该漏洞源于递归复制时错误处理字符和块设备节点,可能导致运行时拒绝服务,如磁盘耗尽或进程挂起。
CVSS Information
N/A
Vulnerability Type
N/A