CVE-2014-8116

Published: Dec 17, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The ELF parser (readelf.c) in file before 5.21 allows remote attackers to cause a denial of service (CPU consumption or crash) via a large number of (1) program or (2) section headers or (3) invalid capabilities.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/file/file/commit/d7cdad007c507e6c79f51f058dd77fab70ceb9f6

x_refsource_CONFIRM

61944

third-party-advisory

x_refsource_SECUNIA

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

x_refsource_CONFIRM

FreeBSD-SA-14:28

vendor-advisory

x_refsource_FREEBSD

71700

vdb-entry

x_refsource_BID

RHSA-2016:0760

vendor-advisory

x_refsource_REDHAT

https://github.com/file/file/commit/b4c01141e5367f247b84dcaf6aefbb4e741842b8

x_refsource_CONFIRM

USN-2494-1

vendor-advisory

x_refsource_UBUNTU

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

x_refsource_CONFIRM

1031344

vdb-entry

x_refsource_SECTRACK

62081

third-party-advisory

x_refsource_SECUNIA

[oss-security] 20141216 file(1): multiple denial of service issues (resource consumption), CVE-2014-8116 and CVE-2014-8117

mailing-list

x_refsource_MLIST

http://advisories.mageia.org/MGASA-2015-0040.html

x_refsource_CONFIRM

https://github.com/file/file/blob/00cef282a902a4a6709bbbbb933ee397768caa38/ChangeLog

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-8116

Description

Affected Products

References