[3.7] file: Multiple vulnerabilities (CVE-2019-8905, CVE-2019-8906, CVE-2019-8907)
CVE-2019-8905: do_core_note in readelf.c in libmagic in file 5.35
has a stack-based buffer over-read,
related to file_printable, a different vulnerability than
CVE-2018-10360.
Reference:
https://bugs.astron.com/view.php?id=63
Patch:
https://github.com/file/file/commit/d65781527c8134a1202b2649695d48d5701ac60b
CVE-2019-8906: do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
Reference:
https://bugs.astron.com/view.php?id=64
Patch:
Introduced by:
https://github.com/file/file/commit/0ac0678c52e248fd2a632a84b638694f205aef9d
(FILE5_31)
Fixed by:
https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f
(FILE5_36)
CVE-2019-8907: do_core_note in readelf.c in libmagic.a in file
5.35 allows remote attackers to cause a denial of service
(stack corruption and application crash) or possibly have unspecified
other impact.
Reference:
https://bugs.astron.com/view.php?id=65
Patch:
https://github.com/file/file/commit/d65781527c8134a1202b2649695d48d5701ac60b
(from redmine: issue id 10173, created on 2019-03-28)
- Relations:
- parent #10170