Home

CVE-2019-8906

Description

do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.

Risk Information

Base Score
4.4
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
EPSS Score
Exploitation Probability
0.077

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities are fixed in macOS Mojave 10.14.4Mac
Multiple vulnerabilities are fixed in macOS Mojave 10.14.4 Combo UpdateMac
Tool to determine file types (USN-3911-1) file_5.25-2ubuntu1.2_i386.debLinux
Tool to determine file types (USN-3911-1) file_5.25-2ubuntu1.2_amd64.debLinux
Tool to determine file types (USN-3911-1) file_5.32-2ubuntu0.2_i386.debLinux
Tool to determine file types (USN-3911-1) file_5.32-2ubuntu0.2_amd64.debLinux
Tool to determine file types (USN-3911-1) file_5.34-2ubuntu0.1_i386.debLinux
Tool to determine file types (USN-3911-1) file_5.34-2ubuntu0.1_amd64.debLinux
Tool to determine file types (USN-3911-1) libmagic1_5.25-2ubuntu1.2_i386.debLinux
Tool to determine file types (USN-3911-1) libmagic1_5.25-2ubuntu1.2_amd64.debLinux
Tool to determine file types (USN-3911-1) libmagic1_5.32-2ubuntu0.2_i386.debLinux
Tool to determine file types (USN-3911-1) libmagic1_5.32-2ubuntu0.2_amd64.debLinux
Tool to determine file types (USN-3911-1) libmagic1_5.34-2ubuntu0.1_i386.debLinux
Tool to determine file types (USN-3911-1) libmagic1_5.34-2ubuntu0.1_amd64.debLinux
SUSE-SU-2019:0839-1(SUSE Linux Enterprise Desktop 12-SP4 ) file-5.22-10.12.2.x86_64.rpmLinux
SUSE-SU-2019:0839-1(SUSE Linux Enterprise Desktop 12-SP4 ) file-debuginfo-5.22-10.12.2.x86_64.rpmLinux
SUSE-SU-2019:0839-1(SUSE Linux Enterprise Desktop 12-SP4 ) file-debugsource-5.22-10.12.2.x86_64.rpmLinux
SUSE-SU-2019:0839-1(SUSE Linux Enterprise Desktop 12-SP4 ) file-magic-5.22-10.12.2.x86_64.rpmLinux
SUSE-SU-2019:0839-1(SUSE Linux Enterprise Desktop 12-SP4 ) libmagic1-5.22-10.12.2.x86_64.rpmLinux
SUSE-SU-2019:0839-1(SUSE Linux Enterprise Desktop 12-SP4 ) libmagic1-32bit-5.22-10.12.2.x86_64.rpmLinux
SUSE-SU-2019:0839-1(SUSE Linux Enterprise Desktop 12-SP4 ) libmagic1-debuginfo-5.22-10.12.2.x86_64.rpmLinux
SUSE-SU-2019:0839-1(SUSE Linux Enterprise Desktop 12-SP4 ) libmagic1-debuginfo-32bit-5.22-10.12.2.x86_64.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-602004macOS Mojave 10.14.6
PATCH-602005macOS Mojave 10.14.6 Combo Update

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234