Bug 1171580 (CVE-2014-8116)
Summary: | CVE-2014-8116 file: multiple denial of service issues (resource consumption) | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Murray McAllister <mmcallis> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | bressers, fedora, jkaluza, jorton, ksrot, mmaslano, rcollet, sardella, security-response-team, slawomir, webstack-team |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | file 5.21 | Doc Type: | Bug Fix |
Doc Text: |
Multiple flaws were found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use either of these flaws to cause a PHP application using fileinfo to consume an excessive amount of system resources.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2016-05-11 06:49:32 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1174608, 1238984, 1284826 | ||
Bug Blocks: | 1171586, 1210268, 1278736 |
Description
Murray McAllister
2014-12-08 06:52:46 UTC
Created file tracking bugs for this issue: Affects: fedora-all [bug 1174608] file-5.22-2.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report. This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2015:2155 https://rhn.redhat.com/errata/RHSA-2015-2155.html This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2016:0760 https://rhn.redhat.com/errata/RHSA-2016-0760.html |