63 matches found
EUVD-2020-16855
Malware in sbrugna...
Heap Buffer Overflow
UPX is vulnerable to a heap-based buffer overflow. The vulnerability is due to the variable 'bucket' pointing to an inaccessible address in the function PackLinuxElf32::invertptdynamic at plxelf.cpp which can be exploited by attackers to execute arbitrary code or cause a denial of service...
SUSE CVE-2021-43315
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func getle32. The problem is essentially caused in PackLinuxElf32::elflookup at plxelf.cpp:5349...
DEBIAN-CVE-2021-43313
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invertptdynamic at plxelf.cpp:1688...
CVE-2021-43312
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf64::invertptdynamic at plxelf.cpp:5239...
CVE-2021-43312
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf64::invertptdynamic at plxelf.cpp:5239...
CVE-2021-43313
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invertptdynamic at plxelf.cpp:1688...
CVE-2021-43313
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invertptdynamic at plxelf.cpp:1688...
DEBIAN-CVE-2021-43317
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func getle32. The problem is essentially caused in PackLinuxElf64::elflookup at plxelf.cpp:5404...
Heap overflow
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invertptdynamic at plxelf.cpp:1688...
CVE-2021-43311
A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func getle32. The problem is essentially caused in PackLinuxElf32::elflookup at plxelf.cpp:5382...
UBUNTU-CVE-2021-43313
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invertptdynamic at plxelf.cpp:1688...
CVE-2021-43312
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf64::invertptdynamic at plxelf.cpp:5239...
CVE-2021-43313
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invertptdynamic at plxelf.cpp:1688...
CVE-2021-43312
CVE-2021-43312 is a heap-based buffer overflow in UPX affecting the Linux ELF packing path, specifically PackLinuxElf64::invert_pt_dynamic at p_lx_elf.cpp:5239. Multiple connected sources (including OSV entries and openSUSE/SUSE advisories) confirm the vulnerability and the affected component, wi...
CVE-2021-43311
A heap-based buffer overflow was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func getle32. The problem is essentially caused in PackLinuxElf32::elflookup at plxelf.cpp:5382...
CVE-2021-43312
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf64::invertptdynamic at plxelf.cpp:5239...
CVE-2021-43313
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invertptdynamic at plxelf.cpp:1688...
CVE-2021-43313
UPX is affected by CVE-2021-43313: a heap-based buffer overflow in PackLinuxElf32::invert_pt_dynamic (p_lx_elf.cpp:1688) when processing ELF inputs. Several connected sources confirm the issue and reference the same function/path. The OSV/OpenSUSE advisory indicates this CVE was addressed in the ...
CVE-2021-43312
A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf64::invertptdynamic at plxelf.cpp:5239...