Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| File | File | 3.28 (including) | 3.28 (including) |
| File | File | 3.30 (including) | 3.30 (including) |
| File | File | 3.32 (including) | 3.32 (including) |
| File | File | 3.33 (including) | 3.33 (including) |
| File | File | 3.34 (including) | 3.34 (including) |
| File | File | 3.35 (including) | 3.35 (including) |
| File | File | 3.36 (including) | 3.36 (including) |
| File | File | 3.37 (including) | 3.37 (including) |
| File | File | 3.39 (including) | 3.39 (including) |
| File | File | 3.40 (including) | 3.40 (including) |
| Red Hat Enterprise Linux AS (Advanced Server) version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux ES version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux WS version 2.1 | RedHat | * | |
| Red Hat Linux 6.2 | RedHat | * | |
| Red Hat Linux 7.0 | RedHat | * | |
| Red Hat Linux 7.1 | RedHat | * | |
| Red Hat Linux 7.2 | RedHat | * | |
| Red Hat Linux 7.3 | RedHat | * | |
| Red Hat Linux 8.0 | RedHat | * | |
| Red Hat Linux Advanced Workstation 2.1 | RedHat | * | |
| File | Ubuntu | dapper | * |
| File | Ubuntu | devel | * |
| File | Ubuntu | edgy | * |
| File | Ubuntu | feisty | * |