CVE-2019-8905

Name
CVE-2019-8905
Description
do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based buffer over-read, related to file_printable, a different vulnerability than CVE-2018-10360.
NVD Severity
high
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Issue Tracking https://bugs.astron.com/view.php?id=63
Third Party Advisory http://www.securityfocus.com/bid/107137
Mailing List https://lists.debian.org/debian-lts-announce/2019/02/msg00044.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html
Third Party Advisory https://usn.ubuntu.com/3911-1/
SUSE http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* debian_linux == None == 8.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status