5

CVE-2014-8116

The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
File ProjectFile Version5.20
MageiaMageia Version4.0
CanonicalUbuntu Linux Version10.04 SwEditionlts
CanonicalUbuntu Linux Version12.04 SwEditionlts
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version14.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.43% 0.901
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://rhn.redhat.com/errata/RHSA-2016-0760.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.securitytracker.com/id/1031344
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-2494-1
Third Party Advisory
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
Vendor Advisory
http://advisories.mageia.org/MGASA-2015-0040.html
Third Party Advisory
http://seclists.org/oss-sec/2014/q4/1056
Third Party Advisory
Mailing List
http://secunia.com/advisories/61944
http://secunia.com/advisories/62081
http://www.securityfocus.com/bid/71700
https://github.com/file/file/blob/00cef282a902a4a6709bbbbb933ee397768caa38/ChangeLog
Patch
Issue Tracking
https://github.com/file/file/commit/b4c01141e5367f247b84dcaf6aefbb4e741842b8
Patch
Issue Tracking
https://github.com/file/file/commit/d7cdad007c507e6c79f51f058dd77fab70ceb9f6
Patch
Issue Tracking