Описание
A heap-based buffer over-read was discovered in the get_le32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| upx-ucl | fixed | 4.2.2-1 | package |
Примечания
https://github.com/upx/upx/issues/395
https://github.com/upx/upx/commit/cc60f03b2eae1626155d0b6d97a2d9d7529616c7
Связанные уязвимости
CVSS3: 7.8
ubuntu
больше 3 лет назад
A heap-based buffer over-read was discovered in the get_le32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
CVSS3: 7.8
nvd
больше 3 лет назад
A heap-based buffer over-read was discovered in the get_le32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
CVSS3: 7.8
github
больше 3 лет назад
A heap-based buffer over-read was discovered in the get_le32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.