CVE-2014-3710

NameCVE-2014-3710
DescriptionThe donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-86-1, DLA-94-1, DSA-3072-1, DSA-3074-1
Debian Bugs768806, 768807

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
file (PTS)buster1:5.35-4+deb10u2fixed
buster (security)1:5.35-4+deb10u1fixed
bullseye (security), bullseye1:5.39-3+deb11u1fixed
bookworm1:5.44-3fixed
trixie1:5.45-2fixed
sid1:5.45-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
filesourcesqueeze5.04-5+squeeze8DLA-86-1
filesourcewheezy5.11-2+deb7u6DSA-3072-1
filesource(unstable)1:5.20-2768806
php5sourcesqueeze5.3.3-7+squeeze23DLA-94-1
php5sourcewheezy5.4.35-0+deb7u1DSA-3074-1
php5source(unstable)5.6.3+dfsg-1768807

Notes

Upstream fix: https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0
https://bugs.php.net/bug.php?id=68283
https://git.php.net/?p=php-src.git;a=commitdiff;h=1803228597e82218a8c105e67975bc50e6f5bf0d (PHP 5.4 branch)

Search for package or bug name: Reporting problems