php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Sec Bug #68283 fileinfo: out-of-bounds read in elf note headers
Submitted: 2014-10-22 08:14 UTC Modified: 2014-10-23 05:52 UTC
From: remi@php.net Assigned: remi
Status: Closed Package: Filesystem function related
PHP Version: 5.4.34 OS: irrevelant
Private report: No CVE-ID: 2014-3710
 [2014-10-22 08:14 UTC] remi@php.net
Description:
------------
An out-of-bounds read flaw was found in file's donote() function in the way the file utility determined the note headers of a elf file. This could possibly lead to file executable crash.

Upstream fix:
https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0

Acknowledgements:
This issue was discovered by Francisco Alonso of the Red Hat Product Security.


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-10-22 08:15 UTC] remi@php.net
-CVE-ID: +CVE-ID: 2014-3710
 [2014-10-22 08:15 UTC] remi@php.net
CVE-2014-3710 is assigned.
The fix is already public.
 [2014-10-22 13:42 UTC] remi@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=1803228597e82218a8c105e67975bc50e6f5bf0d
Log: Fix bug #68283: fileinfo: out-of-bounds read in elf note headers
 [2014-10-22 13:42 UTC] remi@php.net
-Status: Open +Status: Closed
 [2014-10-23 05:52 UTC] remi@php.net
-Assigned To: +Assigned To: remi
 [2014-10-23 05:52 UTC] remi@php.net
The fix is only applied in 5.4 for now, but will be soon in other branches.
 [2014-10-25 09:32 UTC] remi@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=5b295bf19161b14d6c81151fd89c2f17bd50525c
Log: Fix bug #68283: fileinfo: out-of-bounds read in elf note headers
 [2014-11-03 19:40 UTC] stas@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=1803228597e82218a8c105e67975bc50e6f5bf0d
Log: Fix bug #68283: fileinfo: out-of-bounds read in elf note headers
 [2014-11-18 20:34 UTC] ab@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=5b295bf19161b14d6c81151fd89c2f17bd50525c
Log: Fix bug #68283: fileinfo: out-of-bounds read in elf note headers
 [2014-11-18 20:35 UTC] ab@php.net
Automatic comment on behalf of remi
Revision: http://git.php.net/?p=php-src.git;a=commit;h=1803228597e82218a8c105e67975bc50e6f5bf0d
Log: Fix bug #68283: fileinfo: out-of-bounds read in elf note headers
 
PHP Copyright © 2001-2017 The PHP Group
All rights reserved.
Last updated: Tue Aug 29 15:01:52 2017 UTC