file: Arbitrary code execution — GLSA 200412-07

The code for parsing ELF headers in file contains a flaw which may allow an attacker to execute arbitrary code.

Affected packages

sys-apps/file on all architectures
Affected versions < 4.12
Unaffected versions >= 4.12

Background

file is a utility used to identify the type of a file.

Description

A possible stack overflow has been found in the ELF header parsing code of file.

Impact

An attacker may be able to create a specially crafted ELF file which, when processed with file, may allow the execution of arbitrary code.

Workaround

There is no known workaround at this time.

Resolution

All file users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=sys-apps/file-4.12"

References

Release date
December 13, 2004

Latest revision
May 22, 2006: 02

Severity
normal

Exploitable
remote

Bugzilla entries