Headline
Debian Security Advisory 5489-1
Debian Linux Security Advisory 5489-1 - A buffer overflow was found in file, a file type classification tool, which may result in denial of service if a specially crafted file is processed.
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5489-1 [email protected]://www.debian.org/security/ Salvatore BonaccorsoSeptember 04, 2023 https://www.debian.org/security/faq- -------------------------------------------------------------------------Package : fileCVE ID : CVE-2022-48554A buffer overflow was found in file, a file type classification tool,which may result in denial of service if a specially crafted file isprocessed.For the oldstable distribution (bullseye), this problem has been fixedin version 1:5.39-3+deb11u1.We recommend that you upgrade your file packages.For the detailed security status of file please refer to its securitytracker page at:https://security-tracker.debian.org/tracker/fileFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmT2NDVfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xNDz0TNFg/+PpsDJJwxstMnU847dp8aR25v62Bboy3FRLrr16gbJozitu/uzsD9pdj7avI/WcpFaM2Y9in9odYhSccvgWcloq5o/MSm7IMplAm18O3D+m5pFdZw5GSIQKch3ZRl5F/37P6Kd2UQPXJoMhAUpNdL3LAjRjhfWji3LiWhNky+bOXLF3/TtPjhZutcffVoQ8Jvjd0U169i4s0i8lomMFs5AErReatFWbpRtWsGN1FYOUXpNa17n+sUwNaneWkthap+bkCINhFTzFCsiEd+QniY1Pyj8/V5EkWMYJzPPWLe0s93t2ORAGlMRmDzzCVEhtHWqOUz592DH9TqjJ8YeQtNd1o2KvTwYGWv63PN8ksoirFHYPqNj/hh6L4UuPc23tmNGtN7ErZnP45Z1SmSzAXVmm+YJjIjxO2qt2rg/DzdXXR8q/hR9FzYvlMQv058HQ67Vl1ua5d+66T8L7YgmJMoj6qDCJwmpRetfRPqOwucptPDlvRIYn23xSDQBkYFIbIPzoyvll+HYfhbkuvwa8hisK9PJfS5wEfU3Isp4CpKXhMkwNPgZyYFLqHt45Vbu1ROAy10Wwu18Lk+Vl9quUz5J0h3Go7Xuvk3xRx6NJPxRKiBGrqYhWcVw+bHgSn5oQCy0aNh4vzJy3bD8ZbQmXxiX/ytzN2TokgXBiIW6b3zGkM==kuBK-----END PGP SIGNATURE-----Related news
Red Hat Security Advisory 2024-2512-03 - An update for file is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer over-read vulnerability.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-5 - watchOS 10.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.
Ubuntu Security Notice 6359-1 - It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.