A stack-based buffer overflow in do_bid_note() function on readelf.c was found allowing the attacker to overwrite a fixed 20 bytes stack buffer with specially crafted .notes section in ELF binary. Upstream patch: https://github.com/file/file/commit/35c94dc6acc418f1ad7f6241a6680e5327495793 Introduced by commit: https://github.com/file/file/commit/9611f31313a93aa036389c5f3b15eea53510d4d1
Acknowledgments: Name: Thomas Jarosch (Intra2net AG)
References: http://seclists.org/oss-sec/2017/q3/397
Created file tracking bugs for this issue: Affects: fedora-all [bug 1488575]