VDB

GCVE-110-MAGEIA-2014-307

GCVE-110-MAGEIA-2014-307
Advisory Published
Vulnetix · Advisory published August 5, 2014
file before 5.19 does not properly restrict the amount of data read during a regex search, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted file that triggers backtracking during processing of an awk rule, due to an incomplete fix for CVE-2013-7345 (CVE-2014-3538). The Mageia 3 update also fixes a possible crash in softmagic.c due to an improperly rediffed patch for a memory leak in a previous update (mga#13701).

Affected Products

VendorProductVersionsPlatforms
Mageiafile5.16-1.5.mga4 (unaffected), 0 (affected)
Mageiafile5.12-8.6.mga3 (unaffected), 0 (affected)

Browse GCVE Records

72,580 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›