NULL pointer deference flaw was found in the way file processed root_storage entries in Composite Document Files (CDF). A crafted CDF file could cause file to crash. This issue was introduced in the following commit: https://github.com/file/file/commit/209113ac443c82cc7573bb228b68ce1dd9d50f90 This change was introduced in upstream version 5.18, previous versions are not affected.
Acknowledgment: This issue was discovered by Francisco Alonso of the Red Hat Security Response Team.
PHP bug https://bugs.php.net/bug.php?id=67329
Upstream fix (src/readcdf.c part of this upstream commit): https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391#diff-1
The versions of file in current Red Hat Enterprise Linux and Fedora versions, as well as versions of file included in the php packages in current Red Hat Enterprise Linux and Fedora versions, are older than 5.18 and hence are not affected by this issue. Statement: Not vulnerable. This issue did not affect the versions of file, php, and php53 as shipped with Red Hat Enterprise Linux 5 and 6.