Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2023-23457HistoryJan 12, 2023 - 7:15 p.m.
CVE-2023-23457
2023-01-1219:15:24
Debian Security Bug Tracker
security-tracker.debian.org
12
upx
segmentation fault
denial of service
packlinuxelf64
crafted input file
memory address access
unix
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
29.1%
A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | upx-ucl | <= 3.96-2 | upx-ucl_3.96-2_all.deb |
| Debian | 999 | all | upx-ucl | < 4.2.2-1 | upx-ucl_4.2.2-1_all.deb |
| Debian | 13 | all | upx-ucl | < 4.2.2-1 | upx-ucl_4.2.2-1_all.deb |
Related
veracode
veracode
Denial Of Service (DoS)
2023-02-08 18:05:41
nvd
nvd
CVE-2023-23457
2023-01-12 19:15:24
cve
cve
CVE-2023-23457
2023-01-12 19:15:24
nessus
nessus
openSUSE 15 Security Update : upx (openSUSE-SU-2023:0031-1)
2023-01-24 00:00:00
Fedora 36 : upx (2023-8d91390935)
2023-01-22 00:00:00
Fedora 37 : upx (2023-89fdc22ace)
2023-01-22 00:00:00
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2023-23457
2023-01-12 00:00:00
alpinelinux
alpinelinux
CVE-2023-23457
2023-01-12 19:15:24
prion
prion
Design/Logic Flaw
2023-01-12 19:15:00
openvas
openvas
openSUSE: Security Advisory for upx (openSUSE-SU-2023:0031-1)
2024-03-04 00:00:00
Fedora: Security Advisory for upx (FEDORA-2023-8d91390935)
2023-01-22 00:00:00
Mageia: Security Advisory (MGASA-2023-0052)
2023-03-28 00:00:00
osv
osv
CVE-2023-23457
2023-01-12 19:15:24
mageia
mageia
Updated upx packages fix security vulnerability
2023-02-21 00:25:36
rosalinux
rosalinux
Advisory ROSA-SA-2024-2414
2024-05-07 07:39:19
Advisory ROSA-SA-2023-2260
2023-10-22 05:19:12
fedora
fedora
[SECURITY] Fedora 37 Update: upx-4.0.1-2.fc37
2023-01-22 01:47:43
[SECURITY] Fedora 36 Update: upx-4.0.1-2.fc36
2023-01-22 01:52:25
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
29.1%
Related for DEBIANCVE:CVE-2023-23457