CVE-2019-8907

NONE EPSS 87.6%
Published Feb 18, 20197y ago · Modified Jun 17, 20262w ago
Find Similar
Published Feb 18, 2019 7y ago
Last Modified Jun 17, 2026 2w ago

Description

do_core_note in readelf.c in libmagic.a in file 5.35 allows remote attackers to cause a denial of service (stack corruption and application crash) or possibly have unspecified other impact.

Threat Intelligence

EPSS Exploit Probability
87.6% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-787 Out-of-bounds Write Memory Safety

Affected Products 6

VendorProductVersionRange
file_projectfile5.35any
debiandebian_linux8.0any
opensuseleap15.0any
canonicalubuntu_linux16.04any
canonicalubuntu_linux18.04any
canonicalubuntu_linux18.10any

References 5

  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html
    Mailing ListThird Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html
  • bugs.astron.com https://bugs.astron.com/view.php?id=65
    ExploitIssue TrackingThird Party Advisory
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html
    Third Party Advisory
  • usn.ubuntu.com https://usn.ubuntu.com/3911-1/
    Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.