A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5382.
References
Link | Resource |
---|---|
https://github.com/upx/upx/issues/380 | Exploit Issue Tracking Patch |
Configurations
History
28 Mar 2023, 18:05
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
References | (MISC) https://github.com/upx/upx/issues/380 - Exploit, Issue Tracking, Patch | |
CWE | CWE-787 | |
CPE | cpe:2.3:a:upx_project:upx:*:*:*:*:*:*:*:* | |
First Time |
Upx Project upx
Upx Project |
24 Mar 2023, 20:38
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-24 20:15
Updated : 2023-12-10 15:01
NVD link : CVE-2021-43311
Mitre link : CVE-2021-43311
CVE.ORG link : CVE-2021-43311
JSON object : View
Products Affected
upx_project
- upx