First published: Mon Jun 11 2018(Updated: )
File is vulnerable to a denial of service, caused by an out-of-bounds read in the do_core_note function in readelf.c in libmagic.a. By persuading a victim to open a specially crafted ELF file, a remote attacker could exploit this vulnerability to cause a denial of service.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
File Project File | =5.33 | |
Canonical Ubuntu Linux | =12.04 | |
Canonical Ubuntu Linux | =14.04 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =17.10 | |
Canonical Ubuntu Linux | =18.04 | |
openSUSE Leap | =15.0 | |
openSUSE Leap | =42.3 | |
debian/file | 1:5.35-4+deb10u2 1:5.35-4+deb10u1 1:5.39-3+deb11u1 1:5.44-3 1:5.45-3 | |
IBM Data Risk Manager | <=2.0.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this vulnerability is CVE-2018-10360.
The severity of CVE-2018-10360 is medium with a CVSS score of 6.5.
CVE-2018-10360 can cause a denial of service in the affected software.
The version 1:5.33-3 of the affected software is vulnerable to CVE-2018-10360.
To fix CVE-2018-10360, update the affected software to version 1:5.33-3 or later.