Untriaged
Permalink
CVE-2023-23457
5.3 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
Upx: segv on packlinuxelf64::invert_pt_dynamic() in p_lx_elf.cpp
A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2160382
- https://github.com/upx/upx/commit/779b648c5f6aa9b33f4728f79dd4d0efec0bf860
- https://github.com/upx/upx/issues/631
- FEDORA-2023-8d91390935 vendor-advisory
- FEDORA-2023-89fdc22ace vendor-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2160382
- https://github.com/upx/upx/commit/779b648c5f6aa9b33f4728f79dd4d0efec0bf860
- https://github.com/upx/upx/issues/631
- FEDORA-2023-8d91390935 vendor-advisory
- FEDORA-2023-89fdc22ace vendor-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2160382 x_transferred
- https://github.com/upx/upx/commit/779b648c5f6aa9b33f4728f79dd4d0efec0bf860 x_transferred
- https://github.com/upx/upx/issues/631 x_transferred
- FEDORA-2023-8d91390935 vendor-advisory x_transferred
- FEDORA-2023-89fdc22ace vendor-advisory x_transferred
- https://github.com/upx/upx/issues/631
- FEDORA-2023-8d91390935 vendor-advisory
- FEDORA-2023-89fdc22ace vendor-advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2160382
- https://github.com/upx/upx/commit/779b648c5f6aa9b33f4728f79dd4d0efec0bf860
- https://bugzilla.redhat.com/show_bug.cgi?id=2160382 x_transferred
- https://github.com/upx/upx/commit/779b648c5f6aa9b33f4728f79dd4d0efec0bf860 x_transferred
- https://github.com/upx/upx/issues/631 x_transferred
- FEDORA-2023-8d91390935 vendor-advisory x_transferred
- FEDORA-2023-89fdc22ace vendor-advisory x_transferred
Affected products
upx
- *