VDB
GCVE-110-MAGEIA-2014-92
GCVE-110-MAGEIA-2014-92
Advisory Published
It was discovered that file before 5.17 contains a flaw in the handling of
"indirect" magic rules in the libmagic library, which leads to an infinite
recursion when trying to determine the file type of certain files
(CVE-2014-1943).
Additionally, other well-crafted files might result in long computation times
(while using 100% CPU) and overlong results.
The affected packages have been patched to correct these flaws.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | xonotic | 0 (affected), 0.7.0-3.1.mga3 (unaffected) | — |
| Mageia | file | 5.16-1.1.mga4 (unaffected), 0 (affected), 0 (affected), 5.16-1.1.mga4 (unaffected) | — |
| Mageia | file | 0 (affected), 5.12-8.1.mga3 (unaffected), 0 (affected), 5.12-8.1.mga3 (unaffected) | — |
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.