{"id":"CVE-2018-10360","details":"The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.","modified":"2026-05-17T11:54:08.365703419Z","published":"2018-06-11T10:29:00.233Z","related":["SUSE-SU-2018:2044-1","SUSE-SU-2018:2682-1","SUSE-SU-2019:0571-1","SUSE-SU-2019:0839-1","openSUSE-SU-2019:0345-1","openSUSE-SU-2024:10755-1"],"database_specific":{"unresolved_ranges":[{"vendor_product":"canonical:ubuntu_linux","extracted_events":[{"last_affected":"12.04"},{"last_affected":"14.04"},{"last_affected":"16.04"},{"last_affected":"17.10"},{"last_affected":"18.04"}],"cpes":["cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"],"source":"CPE_FIELD"},{"vendor_product":"opensuse:leap","extracted_events":[{"last_affected":"15.0"},{"last_affected":"42.3"}],"cpes":["cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"],"source":"CPE_FIELD"}]},"references":[{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00027.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00053.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201806-08"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3686-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3686-2/"},{"type":"FIX","url":"https://github.com/file/file/commit/a642587a9c9e2dd7feacdf513c3643ce26ad3c22"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}