CVE-2014-3710

Summary

CVE	CVE-2014-3710
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2014-11-05 11:55:00 UTC
Updated	2023-11-07 02:20:00 UTC
Description	The donote function in readelf.c in file through 5.20, as used in the Fileinfo component in PHP 5.4.34, does not ensure that sufficient note headers are present, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.

Risk And Classification

Problem Types: CWE-20

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Canonical	Ubuntu Linux	10.04	All	All	All
Operating System	Canonical	Ubuntu Linux	12.04	All	All	All
Operating System	Canonical	Ubuntu Linux	14.04	All	All	All
Operating System	Canonical	Ubuntu Linux	14.10	All	All	All
Operating System	Debian	Debian Linux	7.0	All	All	All
Operating System	Debian	Debian Linux	8.0	All	All	All
Application	Php	Php	All	All	All	All
Application	Php	Php	5.4.34	All	All	All
Application	Php	Php	5.4.34	All	All	All

References

Reference	Source	Link	Tags
Oracle Bulletin Board Update - January 2015	CONFIRM	www.oracle.com
Red Hat Customer Portal	REDHAT	rhn.redhat.com
Fix note bounds reading, Francisco Alonso / Red Hat · file/file@39c7ac1 · GitHub	CONFIRM	github.com
Red Hat Customer Portal	REDHAT	rhn.redhat.com
FreeBSD-SA-14:28	FREEBSD	www.freebsd.org
Red Hat Customer Portal	REDHAT	rhn.redhat.com
openSUSE-SU-2014:1516-1: moderate: Security update for file	SUSE	lists.opensuse.org
Security Advisory SA61970 - Oracle Linux update for php53 - Secunia	SECUNIA	secunia.com
USN-2494-1: file vulnerabilities \| Ubuntu	UBUNTU	www.ubuntu.com
file: Multiple vulnerabilities (GLSA 201701-42) — Gentoo security	GENTOO	security.gentoo.org
Security Advisory SA60630 - Red Hat update for php53 - Secunia	SECUNIA	secunia.com
PHP: Multiple vulnerabilities (GLSA 201503-03) — Gentoo security	GENTOO	security.gentoo.org
APPLE-SA-2015-04-08-2 OS X 10.10.3 and Security Update 2015-004	APPLE	lists.apple.com
Oracle Linux Bulletin - April 2016	CONFIRM	www.oracle.com
Bug 1155071 – CVE-2014-3710 file: out-of-bounds read in elf note headers	CONFIRM	bugzilla.redhat.com
208.43.231.11 Git - php-src.git/commit		git.php.net
Oracle Solaris Third Party Bulletin - July 2015	CONFIRM	www.oracle.com
linux.oracle.com \| ELSA-2014-1767	CONFIRM	linux.oracle.com
Security Advisory SA61982 - Oracle Linux update for php - Secunia	SECUNIA	secunia.com
Security Advisory SA62559 - Debian update for php5 - Secunia	SECUNIA	secunia.com
linux.oracle.com \| ELSA-2014-1768	CONFIRM	linux.oracle.com
Oracle Linux Bulletin - October 2015	CONFIRM	www.oracle.com
FreeBSD file(1) and libmagic(3) File Processing Flaws Let Remote Users Deny Service - SecurityTracker	SECTRACK	www.securitytracker.com
Security Advisory SA61763 - Ubuntu update for php5 - Secunia	SECUNIA	secunia.com
Debian -- Security Information -- DSA-3072-1 file	DEBIAN	www.debian.org
PHP :: Sec Bug #68283 :: fileinfo: out-of-bounds read in elf note headers	CONFIRM	bugs.php.net	Patch, Vendor Advisory
USN-2391-1: php5 vulnerabilities \| Ubuntu	UBUNTU	www.ubuntu.com
Red Hat Customer Portal	REDHAT	rhn.redhat.com
Security Advisory SA62347 - Debian update for file - Secunia	SECUNIA	secunia.com
Red Hat Customer Portal	REDHAT	rhn.redhat.com
208.43.231.11 Git - php-src.git/commit	CONFIRM	git.php.net
About the security content of OS X Yosemite v10.10.3 and Security Update 2015-004 - Apple Support	CONFIRM	support.apple.com
Security Advisory SA60699 - Red Hat update for php - Secunia	SECUNIA	secunia.com
PHP 'donote()' Function Out-of-Bounds Read Vulnerability	BID	www.securityfocus.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

710357 Gentoo Linux file Multiple Vulnerabilities (GLSA 201701-42)