TencentOS Server 4: file (TSSA-2024:0300)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0300 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c.

...

file: Stack Buffer Overread

Background The file utility attempts to identify a file’s format by scanning binary data for patterns. Description Multiple vulnerabilities have been discovered in file. Please review the CVE identifiers referenced below for details. Impact File has an stack-based buffer over-read in filecopystr ...

CLSA-2024-1717691179 file: Fix of CVE-2022-48554

CVE-2022-48554: fix stack-based buffer over-read in filecopystr in funcs.c...

file: stack-based buffer over-read in file_copystr in funcs.c

A flaw was found in file, a program used to identify a particular file according to the type of data contained by the file. This issue occurs when processing a specially crafted file, causing a stack-based buffer over-read, resulting in an application crash...

Buffer Overflow

libfile.so is vulnerable to Buffer Overflow. The vulnerability exists due to the stack-based buffer over-read in the filecopystr function of funcs.c, which allows an attacker to cause an application crash through a maliciously crafted input...

OESA-2023-1574 file security update

The program checks to see if the file is empty,or if its some sort of special file. Security Fixes: File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: "File" is the name of an Open Source project.CVE-2022-48554...

Denial Of Service (DoS)

file is vulnerable to Denial of Service DoS attacks. This vulnerability exists due to a flaw in the way the filecopystr function in the funcs.c file copies a string from one buffer to another. An attacker can exploit this vulnerability to corrupt the stack, which could lead to a crash...

SUSE CVE-2022-48554

File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: "File" is the name of an Open Source project...

CVE-2022-48554

File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: "File" is the name of an Open Source project...

AZL-28055 CVE-2022-48554 affecting package file for versions less than 5.40-3

File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: "File" is the name of an Open Source project...

UBUNTU-CVE-2022-48554

File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: "File" is the name of an Open Source project...

file 缓冲区错误漏洞

file is an open source implementation of the Unix File1 command by Fine Free File Command. A security vulnerability exists in file versions prior to 5.43, which stems from an over-read of a stack-based buffer in filecopystr in funcs.c. The vulnerability is caused by the use of a stack-based buffe...