do_bid_note in readelf.c in libmagic in file 5.35 has a stack-based buffer over-read, related to file_printf and file_vprintf.
Created file tracking bugs for this issue:
Affects: fedora-all [bug 1679189]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):