Headline
Ubuntu Security Notice USN-6359-1
Ubuntu Security Notice 6359-1 - It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
==========================================================================Ubuntu Security Notice USN-6359-1September 12, 2023file vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:file could be made to crash or run programs if it opened a speciallycrafted file.Software Description:- file: Tool to determine file typesDetails:It was discovered that file incorrectly handled certain malformed files. Anattacker could use this issue to cause a denial of service, or possiblyexecute arbitrary code.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS: file 1:5.41-3ubuntu0.1 libmagic1 1:5.41-3ubuntu0.1In general, a standard system update will make all the necessary changes.References: https://ubuntu.com/security/notices/USN-6359-1 CVE-2022-48554Package Information: https://launchpad.net/ubuntu/+source/file/1:5.41-3ubuntu0.1
Related news
Red Hat Security Advisory 2024-2512-03 - An update for file is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer over-read vulnerability.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-5 - watchOS 10.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.
Debian Linux Security Advisory 5489-1 - A buffer overflow was found in file, a file type classification tool, which may result in denial of service if a specially crafted file is processed.
File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.