CVE-2017-1000249

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-1000249

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000249.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-1000249

Related

Published

2017-09-11T19:29:00Z

Modified

2024-09-18T02:39:48.352032Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

An issue in file() was introduced in commit 9611f31313a93aa036389c5f3b15eea53510d4d1 (Oct 2016) lets an attacker overwrite a fixed 20 bytes stack buffer with a specially crafted .notes section in an ELF binary. This was fixed in commit 35c94dc6acc418f1ad7f6241a6680e5327495793 (Aug 2017).

References

Affected packages

Debian:11 / file

Package

Name: file
Purl: pkg:deb/debian/file?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:5.32-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / file

Package

Name: file
Purl: pkg:deb/debian/file?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:5.32-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / file

Package

Name: file
Purl: pkg:deb/debian/file?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:5.32-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/file/file

Affected ranges

Type: GIT
Repo: https://github.com/file/file
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

35c94dc6acc418f1ad7f6241a6680e5327495793

Fixed

9611f31313a93aa036389c5f3b15eea53510d4d

Affected versions

Other

FILE3_27

FILE3_28

FILE3_30

FILE3_31

FILE3_32

FILE3_33

FILE3_34

FILE3_35

FILE3_36

FILE3_37

FILE3_38

FILE3_39

FILE3_40

FILE3_41

FILE4_00

FILE4_01

FILE4_02

FILE4_03

FILE4_04

FILE4_05

FILE4_06

FILE4_07

FILE4_08

FILE4_09

FILE4_10

FILE4_11

FILE4_12

FILE4_13

FILE4_14

FILE4_15

FILE4_16

FILE4_17

FILE4_18

FILE4_19

FILE4_20

FILE4_21

FILE4_22

FILE4_23

FILE4_24

FILE4_25

FILE4_26

FILE5_00

FILE5_01

FILE5_02

FILE5_03

FILE5_04

FILE5_07

FILE5_08

FILE5_09

FILE5_10

FILE5_11

FILE5_12

FILE5_13

FILE5_14

FILE5_15

FILE5_16

FILE5_17

FILE5_18

FILE5_19

FILE5_20

FILE5_21

FILE5_22

FILE5_23

FILE5_24

FILE5_25

FILE5_26

FILE5_27

FILE5_28

FILE5_29

FILE5_30

FILE5_31

pre-rrt-big-changes-post-4-23