{"id":"ALPINE-CVE-2024-0684","details":"A flaw was found in the GNU coreutils \"split\" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split() function, potentially leading to an application crash and denial of service.","modified":"2025-12-03T22:54:38.681696Z","published":"2024-02-06T09:15:52.643Z","upstream":["CVE-2024-0684"],"references":[{"type":"ADVISORY","url":"https://security.alpinelinux.org/vuln/CVE-2024-0684"}],"affected":[{"package":{"name":"coreutils","ecosystem":"Alpine:v3.18","purl":"pkg:apk/alpine/coreutils?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.3-r2"}]}],"versions":["7.1-r0","7.1-r1","7.4-r0","7.5-r0","7.6-r0","8.10-r0","8.10-r1","8.10-r2","8.11-r0","8.12-r0","8.12-r1","8.13-r0","8.14-r0","8.15-r0","8.16-r0","8.17-r0","8.18-r0","8.19-r0","8.2-r0","8.20-r0","8.20-r1","8.21-r1","8.21-r2","8.21-r3","8.21-r4","8.22-r0","8.22-r1","8.23-r0","8.24-r0","8.25-r0","8.26-r0","8.27-r0","8.28-r0","8.29-r0","8.29-r1","8.29-r2","8.30-r0","8.31-r0","8.32-r0","8.32-r1","8.32-r2","8.4-r0","8.4-r1","8.4-r2","8.5-r0","8.5-r1","8.6-r0","8.7-r0","8.8-r0","8.9-r0","9.0-r0","9.0-r1","9.0-r2","9.0-r3","9.1-r0","9.2-r0","9.2-r1","9.2-r2","9.2-r3","9.3-r0","9.3-r1"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2024-0684.json"}},{"package":{"name":"coreutils","ecosystem":"Alpine:v3.19","purl":"pkg:apk/alpine/coreutils?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.4-r2"}]}],"versions":["7.1-r0","7.1-r1","7.4-r0","7.5-r0","7.6-r0","8.10-r0","8.10-r1","8.10-r2","8.11-r0","8.12-r0","8.12-r1","8.13-r0","8.14-r0","8.15-r0","8.16-r0","8.17-r0","8.18-r0","8.19-r0","8.2-r0","8.20-r0","8.20-r1","8.21-r1","8.21-r2","8.21-r3","8.21-r4","8.22-r0","8.22-r1","8.23-r0","8.24-r0","8.25-r0","8.26-r0","8.27-r0","8.28-r0","8.29-r0","8.29-r1","8.29-r2","8.30-r0","8.31-r0","8.32-r0","8.32-r1","8.32-r2","8.4-r0","8.4-r1","8.4-r2","8.5-r0","8.5-r1","8.6-r0","8.7-r0","8.8-r0","8.9-r0","9.0-r0","9.0-r1","9.0-r2","9.0-r3","9.1-r0","9.2-r0","9.2-r1","9.2-r2","9.2-r3","9.3-r0","9.3-r1","9.3-r2","9.3-r3","9.3-r4","9.3-r5","9.3-r6","9.3-r7","9.4-r0","9.4-r1"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2024-0684.json"}},{"package":{"name":"coreutils","ecosystem":"Alpine:v3.20","purl":"pkg:apk/alpine/coreutils?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.4-r2"}]}],"versions":["7.1-r0","7.1-r1","7.4-r0","7.5-r0","7.6-r0","8.10-r0","8.10-r1","8.10-r2","8.11-r0","8.12-r0","8.12-r1","8.13-r0","8.14-r0","8.15-r0","8.16-r0","8.17-r0","8.18-r0","8.19-r0","8.2-r0","8.20-r0","8.20-r1","8.21-r1","8.21-r2","8.21-r3","8.21-r4","8.22-r0","8.22-r1","8.23-r0","8.24-r0","8.25-r0","8.26-r0","8.27-r0","8.28-r0","8.29-r0","8.29-r1","8.29-r2","8.30-r0","8.31-r0","8.32-r0","8.32-r1","8.32-r2","8.4-r0","8.4-r1","8.4-r2","8.5-r0","8.5-r1","8.6-r0","8.7-r0","8.8-r0","8.9-r0","9.0-r0","9.0-r1","9.0-r2","9.0-r3","9.1-r0","9.2-r0","9.2-r1","9.2-r2","9.2-r3","9.3-r0","9.3-r1","9.3-r2","9.3-r3","9.3-r4","9.3-r5","9.3-r6","9.3-r7","9.4-r0","9.4-r1"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2024-0684.json"}},{"package":{"name":"coreutils","ecosystem":"Alpine:v3.21","purl":"pkg:apk/alpine/coreutils?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.4-r2"}]}],"versions":["7.1-r0","7.1-r1","7.4-r0","7.5-r0","7.6-r0","8.10-r0","8.10-r1","8.10-r2","8.11-r0","8.12-r0","8.12-r1","8.13-r0","8.14-r0","8.15-r0","8.16-r0","8.17-r0","8.18-r0","8.19-r0","8.2-r0","8.20-r0","8.20-r1","8.21-r1","8.21-r2","8.21-r3","8.21-r4","8.22-r0","8.22-r1","8.23-r0","8.24-r0","8.25-r0","8.26-r0","8.27-r0","8.28-r0","8.29-r0","8.29-r1","8.29-r2","8.30-r0","8.31-r0","8.32-r0","8.32-r1","8.32-r2","8.4-r0","8.4-r1","8.4-r2","8.5-r0","8.5-r1","8.6-r0","8.7-r0","8.8-r0","8.9-r0","9.0-r0","9.0-r1","9.0-r2","9.0-r3","9.1-r0","9.2-r0","9.2-r1","9.2-r2","9.2-r3","9.3-r0","9.3-r1","9.3-r2","9.3-r3","9.3-r4","9.3-r5","9.3-r6","9.3-r7","9.4-r0","9.4-r1"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2024-0684.json"}},{"package":{"name":"coreutils","ecosystem":"Alpine:v3.22","purl":"pkg:apk/alpine/coreutils?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.4-r2"}]}],"versions":["7.1-r0","7.1-r1","7.4-r0","7.5-r0","7.6-r0","8.10-r0","8.10-r1","8.10-r2","8.11-r0","8.12-r0","8.12-r1","8.13-r0","8.14-r0","8.15-r0","8.16-r0","8.17-r0","8.18-r0","8.19-r0","8.2-r0","8.20-r0","8.20-r1","8.21-r1","8.21-r2","8.21-r3","8.21-r4","8.22-r0","8.22-r1","8.23-r0","8.24-r0","8.25-r0","8.26-r0","8.27-r0","8.28-r0","8.29-r0","8.29-r1","8.29-r2","8.30-r0","8.31-r0","8.32-r0","8.32-r1","8.32-r2","8.4-r0","8.4-r1","8.4-r2","8.5-r0","8.5-r1","8.6-r0","8.7-r0","8.8-r0","8.9-r0","9.0-r0","9.0-r1","9.0-r2","9.0-r3","9.1-r0","9.2-r0","9.2-r1","9.2-r2","9.2-r3","9.3-r0","9.3-r1","9.3-r2","9.3-r3","9.3-r4","9.3-r5","9.3-r6","9.3-r7","9.4-r0","9.4-r1"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2024-0684.json"}},{"package":{"name":"coreutils","ecosystem":"Alpine:v3.23","purl":"pkg:apk/alpine/coreutils?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.4-r2"}]}],"versions":["7.1-r0","7.1-r1","7.4-r0","7.5-r0","7.6-r0","8.10-r0","8.10-r1","8.10-r2","8.11-r0","8.12-r0","8.12-r1","8.13-r0","8.14-r0","8.15-r0","8.16-r0","8.17-r0","8.18-r0","8.19-r0","8.2-r0","8.20-r0","8.20-r1","8.21-r1","8.21-r2","8.21-r3","8.21-r4","8.22-r0","8.22-r1","8.23-r0","8.24-r0","8.25-r0","8.26-r0","8.27-r0","8.28-r0","8.29-r0","8.29-r1","8.29-r2","8.30-r0","8.31-r0","8.32-r0","8.32-r1","8.32-r2","8.4-r0","8.4-r1","8.4-r2","8.5-r0","8.5-r1","8.6-r0","8.7-r0","8.8-r0","8.9-r0","9.0-r0","9.0-r1","9.0-r2","9.0-r3","9.1-r0","9.2-r0","9.2-r1","9.2-r2","9.2-r3","9.3-r0","9.3-r1","9.3-r2","9.3-r3","9.3-r4","9.3-r5","9.3-r6","9.3-r7","9.4-r0","9.4-r1"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2024-0684.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}