#VU17829 Stack out-of-bounds read in file - CVE-2019-8904

Cybersecurity Help s.r.o.

Published: 2019-02-22

Vulnerability identifier: #VU17829

Vulnerability risk: Low

CVSSv4.0: 2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2019-8904

CWE-ID: CWE-125

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
file
Universal components / Libraries / Libraries used by multiple products

Vendor: Ian F. Darwin

Description

The vulnerability allows a remote attacker to obtain potentially sensitive information or perform a denial of service (DoS) attack.

The vulnerability exists due to stack-based buffer over-read in the do_core_note function, as defined in the readelf.c source code file. A remote attacker can trick the victim into executing a file that submits malicious input to the targeted system with the file command, trigger memory corruption and gain access to arbitrary data or perform a denial of service attack.

Mitigation
Update to version 5.36.

Vulnerable software versions

file: 5.35

External links
https://bugs.astron.com/view.php?id=62

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Amazon Linux AMI update for file

Ubuntu update for file

Stack out-of-bounds read in file (Alpine package)

Arch Linux update for file

Multiple vulnerabilities in Astron Software file