Versions mentioned in the description apply to the upstream
Remediation section below for
Debian:9 relevant versions.
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
file to version 1:5.30-1+deb9u2 or higher.