CVE-2019-8906

Published: 18 February 2019

do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bounds read because memcpy is misused.

Priority

Medium

CVSS 3 base score: 4.4

Status

References

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906
• https://ubuntu.com/security/notices/USN-3911-1
• NVD
• Launchpad
• Debian

Bugs

• https://bugs.astron.com/view.php?id=64
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922969