CVE-2014-9652

Published: 08 January 2015

The mconvert function in softmagic.c in file before 5.21, as used in the Fileinfo component in PHP before 5.4.37, 5.5.x before 5.5.21, and 5.6.x before 5.6.5, does not properly handle a certain string-length field during a copy of a truncated version of a Pascal string, which might allow remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted file.

Priority

Low

Status

Package Release Status
file
Launchpad, Ubuntu, Debian 		Upstream
Released (1:5.21+15-1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (1:5.14-2ubuntu3.3)
Patches:
Upstream: https://github.com/file/file/commit/59e63838913eee47f5c120a6c53d4565af638158
php5
Launchpad, Ubuntu, Debian 		Upstream
Released (5.6.5+dfsg-1)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (5.5.9+dfsg-1ubuntu4.6)
Patches:
Upstream: http://git.php.net/?p=php-src.git;a=commit;h=ede59c8feb4b80e1b94e4abdaa0711051e2912ab

References

Bugs

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM

Further reading