INFSA-2024:2512: file security update
Information about definition
Identificator: INFSA-2024:2512
Type: security
Release date: 2024-12-27 09:48:34 UTC
Information about package
The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format (ELF) binary files, system libraries, RPM packages, and different graphics formats.
Vulnerabilities description
- CVE-2022-48554
File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2022-48554
|
no information | 5.5 | no information |
Updated packages