Описание
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
Отчет
This vulnerability was rated as LOW severity because its exploitation requires a local attacker to use a specially crafted file and it results in temporary application crashes or exposure of limited information, it does not allow remote code execution or system compromise.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | file | Not affected | ||
| Red Hat Enterprise Linux 5 | php53 | Not affected | ||
| Red Hat Enterprise Linux 6 | file | Not affected | ||
| Red Hat Enterprise Linux 6 | php | Not affected | ||
| Red Hat Enterprise Linux 7 | file | Not affected | ||
| Red Hat Enterprise Linux 7 | php | Not affected | ||
| Red Hat Enterprise Linux 8 | file | Fix deferred | ||
| Red Hat Software Collections | rh-php72-php | Not affected | ||
| Red Hat Software Collections | rh-php73-php | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
4.4 Medium
CVSS3
Связанные уязвимости
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bou ...
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
Уязвимость функции do_core_note утилиты для определения типа заданных файлов File, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.4 Medium
CVSS3