MGASA-2014-0092

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2014-1943

Published: 22 Feb 2014, 19:10

Last modified:16 Apr 2026, 06:26

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

22 Feb 2014, 19:10

Published

Vulnerability first disclosed

16 Apr 2026, 06:26

Last Modified

Vulnerability information updated

Description

Updated file package fixes security vulnerability It was discovered that file before 5.17 contains a flaw in the handling of "indirect" magic rules in the libmagic library, which leads to an infinite recursion when trying to determine the file type of certain files (CVE-2014-1943). Additionally, other well-crafted files might result in long computation times (while using 100% CPU) and overlong results. The affected packages have been patched to correct these flaws.

Affected Systems

mageia•file
< 5.12-8.1.mga3
mageia•file
< 5.16-1.1.mga4

MGASA-2014-0092

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)