The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.

References

lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html

lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html

github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22

security.gentoo.org/glsa/201806-08

usn.ubuntu.com/3686-1/

usn.ubuntu.com/3686-2/

nessus 41

redhat 4

f5 1

openvas 18

oraclelinux 1

gentoo 1

fedora 3

prion 2

slackware 1

amazon 2

mageia 2

nvd 2

ubuntucve 2

osv 2

cve 2

veracode 1

redhatcve 2

debiancve 2

centos 1

ubuntu 2

alpinelinux 1

cvelist 1

suse 3

photon 4

archlinux 1

cloudfoundry 1

ibm 1

nessus

RHEL 7 : file (RHSA-2020:2838)

2020-07-07 00:00:00

Fedora 28 : file (2018-7cd597eebf)

2019-01-03 00:00:00

Slackware 14.0 / 14.1 / 14.2 / current : file (SSA:2018-212-01)

2018-08-02 00:00:00

redhat

(RHSA-2020:1022) Low: file security update

2020-03-31 09:09:44

(RHSA-2020:2521) Low: file security update

2020-06-10 21:33:07

(RHSA-2020:2768) Low: file security update

2020-06-30 11:41:08

K50899356 : file vulnerability CVE-2018-10360

2022-05-05 00:00:00

openvas

Slackware: Security Advisory (SSA:2018-212-01)

2022-04-21 00:00:00

Fedora Update for file FEDORA-2018-7cd597eebf

2018-06-17 00:00:00

Fedora Update for file FEDORA-2018-b5de855e94

2018-06-29 00:00:00

oraclelinux

file security update

2020-04-06 00:00:00

gentoo

file: Denial of service

2018-06-23 00:00:00

fedora

[SECURITY] Fedora 28 Update: file-5.33-6.fc28

2018-06-16 20:20:29

[SECURITY] Fedora 27 Update: file-5.31-12.fc27

2018-06-28 13:35:15

[SECURITY] Fedora 28 Update: file-5.33-10.fc28

2019-03-12 21:44:56

prion

Out-of-bounds

2018-06-11 10:29:00

Stack overflow

2019-02-18 17:29:00

slackware

[slackware-security] file

2018-07-31 07:34:02

amazon

Low: file

2020-07-14 02:34:00

Medium: file

2019-03-21 22:08:00

mageia

Updated file packages fix a security vulnerability

2018-06-25 01:02:29

Updated file packages fix security vulnerabilities

2019-03-29 18:51:06

nvd

CVE-2018-10360

2018-06-11 10:29:00

CVE-2019-8905

2019-02-18 17:29:00

ubuntucve

CVE-2018-10360

2018-06-11 00:00:00

CVE-2019-8905

2019-02-18 00:00:00

osv

CVE-2018-10360

2018-06-11 10:29:00

CVE-2019-8905

2019-02-18 17:29:00

cve

CVE-2018-10360

2018-06-11 10:29:00

CVE-2019-8905

2019-02-18 17:29:00

veracode

Denial Of Service (DoS)

2018-06-12 06:31:15

redhatcve

CVE-2018-10360

2018-06-15 20:48:40

CVE-2019-8905

2020-03-04 19:33:44

debiancve

CVE-2018-10360

2018-06-11 10:29:00

CVE-2019-8905

2019-02-18 17:29:00

centos

file, python security update

2020-04-08 18:00:55

ubuntu

file vulnerabilities

2018-06-28 00:00:00

file vulnerabilities

2018-06-14 00:00:00

alpinelinux

CVE-2019-8905

2019-02-18 17:29:00

cvelist

CVE-2019-8905

2019-02-18 17:00:00

suse

Security update for php5 (moderate)

2018-09-12 12:08:47

Security update for file (moderate)

2019-03-18 00:00:00

Security update for file (moderate)

2019-04-12 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0080

2018-08-03 00:00:00

Moderate Photon OS Security Update - PHSA-2018-0080

2018-08-03 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0171

2018-08-03 00:00:00

archlinux

[ASA-201903-5] file: multiple issues

2019-03-03 00:00:00

cloudfoundry

USN-3686-1: file vulnerabilities | Cloud Foundry

2018-06-20 00:00:00

ibm

Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities

2021-08-13 22:15:02

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

5.5 Medium

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

82.1%

JSON

Related for CVELIST:CVE-2018-10360