Unrated severityOSV Advisory· Published Feb 18, 2019· Updated Aug 4, 2024
CVE-2019-8906
CVE-2019-8906
Description
do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
17- Range: =5.35
- osv-coords15 versionspkg:rpm/opensuse/file&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/python-magic&distro=openSUSE%20Leap%2015.0pkg:rpm/suse/file&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3pkg:rpm/suse/file&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4pkg:rpm/suse/file&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/file&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/file&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/file&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/file&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/file&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/file&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/python-magic&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/python-magic&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015pkg:rpm/suse/python-magic&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/python-magic&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4
< 5.32-lp150.6.3.1+ 14 more
- (no CPE)range: < 5.32-lp150.6.3.1
- (no CPE)range: < 5.32-lp150.6.3.1
- (no CPE)range: < 5.22-10.12.2
- (no CPE)range: < 5.22-10.12.2
- (no CPE)range: < 5.32-7.5.1
- (no CPE)range: < 5.22-10.12.2
- (no CPE)range: < 5.22-10.12.2
- (no CPE)range: < 5.22-10.12.2
- (no CPE)range: < 5.22-10.12.2
- (no CPE)range: < 5.22-10.12.2
- (no CPE)range: < 5.22-10.12.2
- (no CPE)range: < 5.32-7.5.1
- (no CPE)range: < 5.32-7.5.1
- (no CPE)range: < 5.22-10.12.2
- (no CPE)range: < 5.22-10.12.2
Patches
Vulnerability mechanics
References
9- lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.htmlmitrevendor-advisoryx_refsource_SUSE
- usn.ubuntu.com/3911-1/mitrevendor-advisoryx_refsource_UBUNTU
- bugs.astron.com/view.phpmitrex_refsource_MISC
- github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185fmitrex_refsource_MISC
- support.apple.com/kb/HT209599mitrex_refsource_CONFIRM
- support.apple.com/kb/HT209600mitrex_refsource_CONFIRM
- support.apple.com/kb/HT209601mitrex_refsource_CONFIRM
- support.apple.com/kb/HT209602mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.