CVE-2014-3710

The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
phpphp
5.4.0 ≤
𝑥
< 5.4.35
phpphp
5.5.0 ≤
𝑥
< 5.5.19
phpphp
5.6.0 ≤
𝑥
< 5.6.3
debiandebian_linux
7.0
debiandebian_linux
8.0
canonicalubuntu_linux
10.04
canonicalubuntu_linux
12.04
canonicalubuntu_linux
14.04
canonicalubuntu_linux
14.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
file
bookworm
1:5.44-3
fixed
bullseye
1:5.39-3+deb11u1
fixed
bullseye (security)
1:5.39-3+deb11u1
fixed
sid
1:5.45-3
fixed
trixie
1:5.45-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
file
lucid
Fixed 5.03-5ubuntu1.5
released
precise
Fixed 5.09-2ubuntu0.6
released
trusty
Fixed 1:5.14-2ubuntu3.3
released
utopic
Fixed 1:5.19-1ubuntu1.2
released
php5
lucid
Fixed 5.3.2-1ubuntu4.28
released
precise
Fixed 5.3.10-1ubuntu3.15
released
trusty
Fixed 5.5.9+dfsg-1ubuntu4.5
released
utopic
Fixed 5.5.12+dfsg-2ubuntu4.1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
file
suse enterprise desktop 15
5.32-5.22
fixed
suse enterprise desktop 15 SP1
5.32-7.5.1
fixed
suse enterprise desktop 15 SP2
5.32-7.8.1
fixed
suse enterprise desktop 15 SP3
5.32-7.11.2
fixed
suse enterprise desktop 15 SP4
5.32-7.14.1
fixed
suse enterprise desktop 15 SP5
5.32-7.14.1
fixed
suse enterprise desktop 15 SP6
5.32-7.14.1
fixed
suse enterprise desktop 15 SP7
5.32-7.14.1
fixed
suse enterprise sap 12
5.19-5.2
fixed
suse enterprise sap 12 SP5
5.22-10.12.2
fixed
suse enterprise sap 15
5.32-5.22
fixed
suse enterprise sap 15 SP1
5.32-7.5.1
fixed
suse enterprise sap 15 SP2
5.32-7.8.1
fixed
suse enterprise sap 15 SP3
5.32-7.11.2
fixed
suse enterprise sap 15 SP4
5.32-7.14.1
fixed
suse enterprise sap 15 SP5
5.32-7.14.1
fixed
suse enterprise sap 15 SP6
5.32-7.14.1
fixed
suse enterprise sap 15 SP7
5.32-7.14.1
fixed
suse enterprise server 12
5.19-5.2
fixed
suse enterprise server 12 SP1
5.19-9.1
fixed
suse enterprise server 12 SP2
5.19-9.1
fixed
suse enterprise server 12 SP3
5.19-9.1
fixed
suse enterprise server 12 SP5
5.22-10.12.2
fixed
suse enterprise server 15
5.32-5.22
fixed
suse enterprise server 15 SP1
5.32-7.5.1
fixed
suse enterprise server 15 SP2
5.32-7.8.1
fixed
suse enterprise server 15 SP3
5.32-7.11.2
fixed
suse enterprise server 15 SP4
5.32-7.14.1
fixed
suse enterprise server 15 SP5
5.32-7.14.1
fixed
suse enterprise server 15 SP6
5.32-7.14.1
fixed
suse enterprise server 15 SP7
5.32-7.14.1
fixed
file-devel
suse enterprise desktop 15
5.32-5.22
fixed
suse enterprise desktop 15 SP1
5.32-7.5.1
fixed
suse enterprise desktop 15 SP2
5.32-7.8.1
fixed
suse enterprise desktop 15 SP3
5.32-7.11.2
fixed
suse enterprise desktop 15 SP4
5.32-7.14.1
fixed
suse enterprise desktop 15 SP5
5.32-7.14.1
fixed
suse enterprise desktop 15 SP6
5.32-7.14.1
fixed
suse enterprise desktop 15 SP7
5.32-7.14.1
fixed
suse enterprise sap 15
5.32-5.22
fixed
suse enterprise sap 15 SP1
5.32-7.5.1
fixed
suse enterprise sap 15 SP2
5.32-7.8.1
fixed
suse enterprise sap 15 SP3
5.32-7.11.2
fixed
suse enterprise sap 15 SP4
5.32-7.14.1
fixed
suse enterprise sap 15 SP5
5.32-7.14.1
fixed
suse enterprise sap 15 SP6
5.32-7.14.1
fixed
suse enterprise sap 15 SP7
5.32-7.14.1
fixed
suse enterprise server 15
5.32-5.22
fixed
suse enterprise server 15 SP1
5.32-7.5.1
fixed
suse enterprise server 15 SP2
5.32-7.8.1
fixed
suse enterprise server 15 SP3
5.32-7.11.2
fixed
suse enterprise server 15 SP4
5.32-7.14.1
fixed
suse enterprise server 15 SP5
5.32-7.14.1
fixed
suse enterprise server 15 SP6
5.32-7.14.1
fixed
suse enterprise server 15 SP7
5.32-7.14.1
fixed
file-magic
suse enterprise desktop 15
5.32-5.22
fixed
suse enterprise desktop 15 SP1
5.32-7.5.1
fixed
suse enterprise desktop 15 SP2
5.32-7.8.1
fixed
suse enterprise desktop 15 SP3
5.32-7.11.2
fixed
suse enterprise desktop 15 SP4
5.32-7.14.1
fixed
suse enterprise desktop 15 SP5
5.32-7.14.1
fixed
suse enterprise desktop 15 SP6
5.32-7.14.1
fixed
suse enterprise desktop 15 SP7
5.32-7.14.1
fixed
suse enterprise sap 12
5.19-5.2
fixed
suse enterprise sap 12 SP5
5.22-10.12.2
fixed
suse enterprise sap 15
5.32-5.22
fixed
suse enterprise sap 15 SP1
5.32-7.5.1
fixed
suse enterprise sap 15 SP2
5.32-7.8.1
fixed
suse enterprise sap 15 SP3
5.32-7.11.2
fixed
suse enterprise sap 15 SP4
5.32-7.14.1
fixed
suse enterprise sap 15 SP5
5.32-7.14.1
fixed
suse enterprise sap 15 SP6
5.32-7.14.1
fixed
suse enterprise sap 15 SP7
5.32-7.14.1
fixed
suse enterprise server 12
5.19-5.2
fixed
suse enterprise server 12 SP1
5.19-9.1
fixed
suse enterprise server 12 SP2
5.19-9.1
fixed
suse enterprise server 12 SP3
5.19-9.1
fixed
suse enterprise server 12 SP5
5.22-10.12.2
fixed
suse enterprise server 15
5.32-5.22
fixed
suse enterprise server 15 SP1
5.32-7.5.1
fixed
suse enterprise server 15 SP2
5.32-7.8.1
fixed
suse enterprise server 15 SP3
5.32-7.11.2
fixed
suse enterprise server 15 SP4
5.32-7.14.1
fixed
suse enterprise server 15 SP5
5.32-7.14.1
fixed
suse enterprise server 15 SP6
5.32-7.14.1
fixed
suse enterprise server 15 SP7
5.32-7.14.1
fixed
libmagic1
suse enterprise desktop 15
5.32-5.22
fixed
suse enterprise desktop 15 SP1
5.32-7.5.1
fixed
suse enterprise desktop 15 SP2
5.32-7.8.1
fixed
suse enterprise desktop 15 SP3
5.32-7.11.2
fixed
suse enterprise desktop 15 SP4
5.32-7.14.1
fixed
suse enterprise desktop 15 SP5
5.32-7.14.1
fixed
suse enterprise desktop 15 SP6
5.32-7.14.1
fixed
suse enterprise desktop 15 SP7
5.32-7.14.1
fixed
suse enterprise sap 12
5.19-5.2
fixed
suse enterprise sap 12 SP5
5.22-10.12.2
fixed
suse enterprise sap 15
5.32-5.22
fixed
suse enterprise sap 15 SP1
5.32-7.5.1
fixed
suse enterprise sap 15 SP2
5.32-7.8.1
fixed
suse enterprise sap 15 SP3
5.32-7.11.2
fixed
suse enterprise sap 15 SP4
5.32-7.14.1
fixed
suse enterprise sap 15 SP5
5.32-7.14.1
fixed
suse enterprise sap 15 SP6
5.32-7.14.1
fixed
suse enterprise sap 15 SP7
5.32-7.14.1
fixed
suse enterprise server 12
5.19-5.2
fixed
suse enterprise server 12 SP1
5.19-9.1
fixed
suse enterprise server 12 SP2
5.19-9.1
fixed
suse enterprise server 12 SP3
5.19-9.1
fixed
suse enterprise server 12 SP5
5.22-10.12.2
fixed
suse enterprise server 15
5.32-5.22
fixed
suse enterprise server 15 SP1
5.32-7.5.1
fixed
suse enterprise server 15 SP2
5.32-7.8.1
fixed
suse enterprise server 15 SP3
5.32-7.11.2
fixed
suse enterprise server 15 SP4
5.32-7.14.1
fixed
suse enterprise server 15 SP5
5.32-7.14.1
fixed
suse enterprise server 15 SP6
5.32-7.14.1
fixed
suse enterprise server 15 SP7
5.32-7.14.1
fixed
libmagic1-32bit
suse enterprise desktop 15
5.32-5.22
fixed
suse enterprise desktop 15 SP1
5.32-7.5.1
fixed
suse enterprise desktop 15 SP2
5.32-7.8.1
fixed
suse enterprise desktop 15 SP3
5.32-7.11.2
fixed
suse enterprise desktop 15 SP4
5.32-7.14.1
fixed
suse enterprise desktop 15 SP5
5.32-7.14.1
fixed
suse enterprise desktop 15 SP6
5.32-7.14.1
fixed
suse enterprise desktop 15 SP7
5.32-7.14.1
fixed
suse enterprise sap 12
5.19-5.2
fixed
suse enterprise sap 12 SP5
5.22-10.12.2
fixed
suse enterprise sap 15
5.32-5.22
fixed
suse enterprise sap 15 SP1
5.32-7.5.1
fixed
suse enterprise sap 15 SP2
5.32-7.8.1
fixed
suse enterprise sap 15 SP3
5.32-7.11.2
fixed
suse enterprise sap 15 SP4
5.32-7.14.1
fixed
suse enterprise sap 15 SP5
5.32-7.14.1
fixed
suse enterprise sap 15 SP6
5.32-7.14.1
fixed
suse enterprise sap 15 SP7
5.32-7.14.1
fixed
suse enterprise server 12
5.19-5.2
fixed
suse enterprise server 12 SP1
5.19-9.1
fixed
suse enterprise server 12 SP2
5.19-9.1
fixed
suse enterprise server 12 SP3
5.19-9.1
fixed
suse enterprise server 12 SP5
5.22-10.12.2
fixed
suse enterprise server 15
5.32-5.22
fixed
suse enterprise server 15 SP1
5.32-7.5.1
fixed
suse enterprise server 15 SP2
5.32-7.8.1
fixed
suse enterprise server 15 SP3
5.32-7.11.2
fixed
suse enterprise server 15 SP4
5.32-7.14.1
fixed
suse enterprise server 15 SP5
5.32-7.14.1
fixed
suse enterprise server 15 SP6
5.32-7.14.1
fixed
suse enterprise server 15 SP7
5.32-7.14.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
file
RHEL 6
0:5.04-30.el6
fixed
RHEL 7
0:5.11-31.el7
fixed
file-devel
RHEL 6
0:5.04-30.el6
fixed
RHEL 7
0:5.11-31.el7
fixed
file-libs
RHEL 6
0:5.04-30.el6
fixed
RHEL 7
0:5.11-31.el7
fixed
file-static
RHEL 6
0:5.04-30.el6
fixed
RHEL 7
0:5.11-31.el7
fixed
php
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-bcmath
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-cli
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-common
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-dba
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-devel
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-embedded
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-enchant
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-fpm
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-gd
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-imap
RHEL 6
0:5.3.3-40.el6_6
fixed
php-intl
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-ldap
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-mbstring
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-mysql
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-mysqlnd
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-odbc
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-pdo
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-pgsql
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-process
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-pspell
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-recode
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-snmp
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-soap
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-tidy
RHEL 6
0:5.3.3-40.el6_6
fixed
php-xml
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-xmlrpc
RHEL 6
0:5.3.3-40.el6_6
fixed
RHEL 7
0:5.4.16-23.el7_0.3
fixed
php-zts
RHEL 6
0:5.3.3-40.el6_6
fixed
python-magic
RHEL 6
0:5.04-30.el6
fixed
RHEL 7
0:5.11-31.el7
fixed
Common Weakness Enumeration
References
http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1803228597e82218a8c105e67975bc50e6f5bf0d
http://linux.oracle.com/errata/ELSA-2014-1767.html
http://linux.oracle.com/errata/ELSA-2014-1768.html
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
http://lists.opensuse.org/opensuse-updates/2014-11/msg00113.html
http://rhn.redhat.com/errata/RHSA-2014-1765.html
http://rhn.redhat.com/errata/RHSA-2014-1766.html
http://rhn.redhat.com/errata/RHSA-2014-1767.html
http://rhn.redhat.com/errata/RHSA-2014-1768.html
http://rhn.redhat.com/errata/RHSA-2016-0760.html
http://secunia.com/advisories/60630
http://secunia.com/advisories/60699
http://secunia.com/advisories/61763
http://secunia.com/advisories/61970
http://secunia.com/advisories/61982
http://secunia.com/advisories/62347
http://secunia.com/advisories/62559
http://www.debian.org/security/2014/dsa-3072
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/70807
http://www.securitytracker.com/id/1031344
http://www.ubuntu.com/usn/USN-2391-1
http://www.ubuntu.com/usn/USN-2494-1
https://bugs.php.net/bug.php?id=68283
https://bugzilla.redhat.com/show_bug.cgi?id=1155071
https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0
https://security.gentoo.org/glsa/201503-03
https://security.gentoo.org/glsa/201701-42
https://support.apple.com/HT204659
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
http://git.php.net/?p=php-src.git%3Ba=commit%3Bh=1803228597e82218a8c105e67975bc50e6f5bf0d
http://linux.oracle.com/errata/ELSA-2014-1767.html
http://linux.oracle.com/errata/ELSA-2014-1768.html
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
http://lists.opensuse.org/opensuse-updates/2014-11/msg00113.html
http://rhn.redhat.com/errata/RHSA-2014-1765.html
http://rhn.redhat.com/errata/RHSA-2014-1766.html
http://rhn.redhat.com/errata/RHSA-2014-1767.html
http://rhn.redhat.com/errata/RHSA-2014-1768.html
http://rhn.redhat.com/errata/RHSA-2016-0760.html
http://secunia.com/advisories/60630
http://secunia.com/advisories/60699
http://secunia.com/advisories/61763
http://secunia.com/advisories/61970
http://secunia.com/advisories/61982
http://secunia.com/advisories/62347
http://secunia.com/advisories/62559
http://www.debian.org/security/2014/dsa-3072
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/70807
http://www.securitytracker.com/id/1031344
http://www.ubuntu.com/usn/USN-2391-1
http://www.ubuntu.com/usn/USN-2494-1
https://bugs.php.net/bug.php?id=68283
https://bugzilla.redhat.com/show_bug.cgi?id=1155071
https://github.com/file/file/commit/39c7ac1106be844a5296d3eb5971946cc09ffda0
https://security.gentoo.org/glsa/201503-03
https://security.gentoo.org/glsa/201701-42
https://support.apple.com/HT204659
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc