CVE-2014-8117

NONE
Published Dec 17, 201411y ago · Modified Jun 17, 20262w ago
Find Similar
Published Dec 17, 2014 11y ago
Last Modified Jun 17, 2026 2w ago

Description

softmagic.c in file before 5.21 does not properly limit recursion, which allows remote attackers to cause a denial of service (CPU consumption or crash) via unspecified vectors.

Threat Intelligence

No active exploitation signals — not in CISA KEV and no EPSS score yet.

Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-399

Affected Products 7

VendorProductVersionRange
file_projectfile* ≤5.20
freebsdfreebsd*any
mageiamageia4.0any
canonicalubuntu_linux10.04any
canonicalubuntu_linux12.04any
canonicalubuntu_linux14.04any
canonicalubuntu_linux14.10any

References 14

  • advisories.mageia.org http://advisories.mageia.org/MGASA-2015-0040.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2016-0760.html
  • seclists.org http://seclists.org/oss-sec/2014/q4/1056
    Mailing ListThird Party Advisory
  • secunia.com http://secunia.com/advisories/61944
  • secunia.com http://secunia.com/advisories/62081
  • oracle.com http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
  • oracle.com http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
  • securityfocus.com http://www.securityfocus.com/bid/71692
  • securitytracker.com http://www.securitytracker.com/id/1031344
    Third Party AdvisoryVDB Entry
  • ubuntu.com http://www.ubuntu.com/usn/USN-2494-1
    Third Party Advisory
  • ubuntu.com http://www.ubuntu.com/usn/USN-2535-1
    Third Party Advisory
  • github.com https://github.com/file/file/blob/00cef282a902a4a6709bbbbb933ee397768caa38/ChangeLog
    Issue TrackingPatch
  • github.com https://github.com/file/file/commit/6f737ddfadb596d7d4a993f7ed2141ffd664a81c
    Issue TrackingPatch
  • freebsd.org https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
    Vendor Advisory

Remediation

  • github.com https://github.com/file/file/blob/00cef282a902a4a6709bbbbb933ee397768caa38/ChangeLog
    Issue TrackingPatch
  • github.com https://github.com/file/file/commit/6f737ddfadb596d7d4a993f7ed2141ffd664a81c
    Issue TrackingPatch