file : CVE-2018-10360: out-of-bounds read and application crash
Bug #1912156 reported by
Zhixiong Chi
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
Medium
|
Zhixiong Chi |
Bug Description
CVSS:3.
Description:
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
References:
https:/
https:/
Required package version:
file-5.
file-libs-
file-devel-
Packages:
file
file-libs
file-devel
Changed in starlingx: | |
assignee: | nobody → Zhixiong Chi (zhixiongchi) |
status: | New → In Progress |
Changed in starlingx: | |
status: | In Progress → Fix Committed |
Changed in starlingx: | |
importance: | Undecided → Medium |
information type: | Private Security → Public Security |
To post a comment you must log in.
https:/ /review. opendev. org/c/starlingx /tools/ +/771379