Details of VAR-201902-0872

ID

VAR-201902-0872

CVE

CVE-2019-8906

TITLE

file Vulnerable to out-of-bounds reading

Trust: 0.8

sources: JVNDB: JVNDB-2019-001781

DESCRIPTION

do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused. file Contains an out-of-bounds vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. file is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Failed exploit attempts will likely result in denial-of-service conditions. file 5.35 is vulnerable; other versions may also be affected. file is a set of command-line tools used in Unix-like to view file information. The vulnerability stems from the fact that the memory copy function is not used correctly. Currently there is no information about this vulnerability, please keep an eye on CNNVD or vendor announcements. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] file (SSA:2019-054-01) New file packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/file-5.36-i586-1_slack14.2.txz: Upgraded. Fix out-of-bounds read and denial-of-service security issues: For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8907 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/file-5.36-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/file-5.36-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/file-5.36-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/file-5.36-x86_64-1_slack14.1.txz Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/file-5.36-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/file-5.36-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/a/file-5.36-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/file-5.36-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.0 package: d774a800d99acb0ad52f312ed83a072f file-5.36-i486-1_slack14.0.txz Slackware x86_64 14.0 package: 7be0a75f9f31f23b9c38b7ebf0192961 file-5.36-x86_64-1_slack14.0.txz Slackware 14.1 package: 0ec7575d2786bb8c8abe7b568cab262f file-5.36-i486-1_slack14.1.txz Slackware x86_64 14.1 package: ca23033d9beedda72c0793b796ad10b2 file-5.36-x86_64-1_slack14.1.txz Slackware 14.2 package: 4dfa9268d6415052d99681543a884227 file-5.36-i586-1_slack14.2.txz Slackware x86_64 14.2 package: 2e26d570e7b3c957155905b9150b1af0 file-5.36-x86_64-1_slack14.2.txz Slackware -current package: 039ec7588178a2026e77bd96d2c98552 a/file-5.36-i586-1.txz Slackware x86_64 -current package: 20d07d173c3a2314eabe27620f662195 a/file-5.36-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg file-5.36-i586-1_slack14.2.txz +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- iEYEARECAAYFAlxxohgACgkQakRjwEAQIjM9ygCdHLmg1G9oSJsutsUaVk2G2kN1 Xa4AoI+VR7MyhQxXRJ1DRDb6HPDSm0Ld EIS -----END PGP SIGNATURE-----

Trust: 2.07

sources: NVD: CVE-2019-8906 // JVNDB: JVNDB-2019-001781 // BID: 107158 // VULHUB: VHN-160341 // PACKETSTORM: 151829

AFFECTED PRODUCTS

vendor:	file	model:	file	scope:	eq	version:	5.35	Trust: 2.1
vendor:	opensuse	model:	leap	scope:	eq	version:	42.3	Trust: 1.0
vendor:	apple	model:	iphone os	scope:	lt	version:	12.2	Trust: 1.0
vendor:	apple	model:	tvos	scope:	lt	version:	12.2	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	18.10	Trust: 1.0
vendor:	apple	model:	mac os x	scope:	lt	version:	10.14.4	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	18.04	Trust: 1.0
vendor:	opensuse	model:	leap	scope:	eq	version:	15.0	Trust: 1.0
vendor:	canonical	model:	ubuntu linux	scope:	eq	version:	16.04	Trust: 1.0
vendor:	apple	model:	watchos	scope:	lt	version:	5.2	Trust: 1.0

sources: BID: 107158 // JVNDB: JVNDB-2019-001781 // NVD: CVE-2019-8906

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-8906
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-8906
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201902-710
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-160341
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2019-8906
severity:	LOW
baseScore:	3.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	CVE-2019-8906
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-160341
severity:	LOW
baseScore:	3.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-8906
baseSeverity:	MEDIUM
baseScore:	4.4
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	LOW
integrityImpact:	NONE
availabilityImpact:	LOW
exploitabilityScore:	1.8
impactScore:	2.5
version:	3.1
Trust: 1.0
NVD:	CVE-2019-8906
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-160341 // JVNDB: JVNDB-2019-001781 // CNNVD: CNNVD-201902-710 // NVD: CVE-2019-8906

PROBLEMTYPE DATA

problemtype:

CWE-125

Trust: 1.9

sources: VULHUB: VHN-160341 // JVNDB: JVNDB-2019-001781 // NVD: CVE-2019-8906

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201902-710

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201902-710

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-001781

PATCH

title:	Avoid OOB read (found by ASAN reported by F. Alonso)	url:	https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f	Trust: 0.8
title:	file Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=89532	Trust: 0.6

sources: JVNDB: JVNDB-2019-001781 // CNNVD: CNNVD-201902-710

EXTERNAL IDS

db:	NVD	id:	CVE-2019-8906	Trust: 2.9
db:	JVNDB	id:	JVNDB-2019-001781	Trust: 0.8
db:	CNNVD	id:	CNNVD-201902-710	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.0738	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.0860.2	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.1107	Trust: 0.6
db:	NSFOCUS	id:	42787	Trust: 0.6
db:	BID	id:	107158	Trust: 0.3
db:	PACKETSTORM	id:	151829	Trust: 0.2
db:	VULHUB	id:	VHN-160341	Trust: 0.1

sources: VULHUB: VHN-160341 // BID: 107158 // JVNDB: JVNDB-2019-001781 // PACKETSTORM: 151829 // CNNVD: CNNVD-201902-710 // NVD: CVE-2019-8906

REFERENCES

url:	https://usn.ubuntu.com/3911-1/	Trust: 2.3
url:	https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f	Trust: 2.0
url:	https://support.apple.com/kb/ht209599	Trust: 1.7
url:	https://support.apple.com/kb/ht209600	Trust: 1.7
url:	https://support.apple.com/kb/ht209601	Trust: 1.7
url:	https://support.apple.com/kb/ht209602	Trust: 1.7
url:	https://bugs.astron.com/view.php?id=64	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html	Trust: 1.7
url:	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8906	Trust: 1.5
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8906	Trust: 0.9
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20190571-1.html	Trust: 0.6
url:	https://www.suse.com/support/update/announcement/2019/suse-su-20190839-1.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/78294	Trust: 0.6
url:	https://support.apple.com/en-us/ht209602	Trust: 0.6
url:	https://support.apple.com/en-us/ht209600	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/76730	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.0860.2/	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/42787	Trust: 0.6
url:	https://vigilance.fr/vulnerability/file-out-of-bounds-memory-reading-via-do-core-note-28590	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/77270	Trust: 0.6
url:	http://www.darwinsys.com/file/	Trust: 0.3
url:	https://bugzilla.redhat.com/show_bug.cgi?id=1679175	Trust: 0.3
url:	https://access.redhat.com/security/cve/cve-2019-8906	Trust: 0.3
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8907	Trust: 0.1
url:	http://slackware.com	Trust: 0.1
url:	http://osuosl.org)	Trust: 0.1
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8907	Trust: 0.1
url:	http://slackware.com/gpg-key	Trust: 0.1

sources: VULHUB: VHN-160341 // BID: 107158 // JVNDB: JVNDB-2019-001781 // PACKETSTORM: 151829 // CNNVD: CNNVD-201902-710 // NVD: CVE-2019-8906

CREDITS

vendor

Trust: 0.6

sources: CNNVD: CNNVD-201902-710

SOURCES

db:	VULHUB	id:	VHN-160341
db:	BID	id:	107158
db:	JVNDB	id:	JVNDB-2019-001781
db:	PACKETSTORM	id:	151829
db:	CNNVD	id:	CNNVD-201902-710
db:	NVD	id:	CVE-2019-8906

LAST UPDATE DATE

2024-11-23T19:35:57.205000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-160341	date:	2021-12-09T00:00:00
db:	BID	id:	107158	date:	2019-01-03T00:00:00
db:	JVNDB	id:	JVNDB-2019-001781	date:	2019-03-26T00:00:00
db:	CNNVD	id:	CNNVD-201902-710	date:	2021-12-10T00:00:00
db:	NVD	id:	CVE-2019-8906	date:	2024-11-21T04:50:38.213

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-160341	date:	2019-02-18T00:00:00
db:	BID	id:	107158	date:	2019-01-03T00:00:00
db:	JVNDB	id:	JVNDB-2019-001781	date:	2019-03-26T00:00:00
db:	PACKETSTORM	id:	151829	date:	2019-02-25T16:56:55
db:	CNNVD	id:	CNNVD-201902-710	date:	2019-02-18T00:00:00
db:	NVD	id:	CVE-2019-8906	date:	2019-02-18T17:29:01.033