8 matches found
Fedora 27 : upx (2017-89e2655938)
3.94 and patch for CVE-2017-15056 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Updated upx package fixes security vulnerability
plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack CVE-2017-15056...
openSUSE Security Update : upx (openSUSE-2017-1174)
This update for upx fixes the following security issue : - CVE-2017-15056: specially crafted package may have caused a denial of service boo1062059 In addition upx was updated to 3.94, with the following improvements : - Support for aarch64. - Support for --lzma compression on 64-bit PowerPC...
Fedora Update for upx FEDORA-2017-d22c391318
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : upx (2017-d22c391318)
3.94 and patch for CVE-2017-15056 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
Fedora 25 : upx (2017-caafcbd6b9)
3.94 and patch for CVE-2017-15056 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL...
CVE-2017-15056
plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack...
CVE-2017-15056
CVE-2017-15056 affects UPX 3.94 for Linux; the root cause is in p_lx_elf.cpp, where ELF headers are mishandled, enabling a crafted binary to cause a denial of service (application crash) via an Invalid Pointer Read in PackLinuxElf64::unpack(). Open-source advisories from Mageia, Fedora and openSU...