VDB

GCVE-110-MAGEIA-2014-92

GCVE-110-MAGEIA-2014-92
Advisory Published
Vulnetix · Advisory published February 22, 2014
It was discovered that file before 5.17 contains a flaw in the handling of "indirect" magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files (CVE-2014-1943). Additionally, other well-crafted files might result in long computation times (while using 100% CPU) and overlong results. The affected packages have been patched to correct these flaws.

Affected Products

VendorProductVersionsPlatforms
Mageiaxonotic0 (affected), 0.7.0-3.1.mga3 (unaffected)
Mageiafile5.16-1.1.mga4 (unaffected), 0 (affected), 0 (affected), 5.16-1.1.mga4 (unaffected)
Mageiafile0 (affected), 5.12-8.1.mga3 (unaffected), 0 (affected), 5.12-8.1.mga3 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›