CVE-2023-23457 - OpenCVE

A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Upx Project	Upx
Fedoraproject	Fedora

Configuration 1 [-]

cpe:2.3:a:upx_project:upx:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:fedoraproject:fedora:36:::::::*
	cpe:2.3:o:fedoraproject:fedora:37:::::::*

References

Link	Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2160382	Issue Tracking Patch Third Party Advisory
https://github.com/upx/upx/commit/779b648c5f6aa9b33f4728f79dd4d0efec0bf860	Patch Third Party Advisory
https://github.com/upx/upx/issues/631	Exploit Patch Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EL3BVKIGG3SH6I3KPOYQAWCBD4UMPOPI/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGEP3FBNRZXGLIA2B2ICMB32JVMPREFZ/

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: fedora

Published: 2023-01-12T00:00:00

Updated: 2024-04-19T13:34:56.910Z

Reserved: 2023-01-12T00:00:00

Link: CVE-2023-23457

JSON object: View

NVD Information

Status : Modified

Published: 2023-01-12T19:15:24.810

Modified: 2024-04-19T14:15:08.730

Link: CVE-2023-23457

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-23457", "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "assignerShortName": "fedora", "dateUpdated": "2024-04-19T13:34:56.910Z", "dateReserved": "2023-01-12T00:00:00", "datePublished": "2023-01-12T00:00:00"}, "containers": {"cna": {"title": "Upx: segv on packlinuxelf64::invert_pt_dynamic() in p_lx_elf.cpp", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service."}], "affected": [{"versions": [{"status": "unaffected", "version": "4.0.2", "lessThan": "*", "versionType": "semver"}], "packageName": "upx", "collectionURL": "https://github.com/upx/upx"}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160382"}, {"url": "https://github.com/upx/upx/commit/779b648c5f6aa9b33f4728f79dd4d0efec0bf860"}, {"url": "https://github.com/upx/upx/issues/631"}, {"name": "FEDORA-2023-8d91390935", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EL3BVKIGG3SH6I3KPOYQAWCBD4UMPOPI/"}, {"name": "FEDORA-2023-89fdc22ace", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGEP3FBNRZXGLIA2B2ICMB32JVMPREFZ/"}], "datePublic": "2022-11-24T00:00:00+00:00", "problemTypes": [{"descriptions": [{"cweId": "CWE-119", "description": "Improper Restriction of Operations within the Bounds of a Memory Buffer", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer", "timeline": [{"lang": "en", "time": "2023-01-12T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2022-11-24T00:00:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Chenweijia for reporting this issue."}], "providerMetadata": {"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora", "dateUpdated": "2024-04-19T13:34:56.910Z"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:upx_project:upx:*:*:*:*:*:*:*:*", "matchCriteriaId": "191334EB-C1FD-4A4C-A48A-139452FD5DF4", "versionEndExcluding": "2022-11-23", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service."}, {"lang": "es", "value": "Se encontr\u00f3 una falla de segmentaci\u00f3n en UPX en PackLinuxElf64::invert_pt_dynamic() en p_lx_elf.cpp. Un atacante con un archivo de entrada manipulado permite el acceso a una direcci\u00f3n de memoria no v\u00e1lida que podr\u00eda provocar una denegaci\u00f3n de servicio."}], "id": "CVE-2023-23457", "lastModified": "2024-04-19T14:15:08.730", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.4, "source": "patrick@puiterwijk.org", "type": "Secondary"}]}, "published": "2023-01-12T19:15:24.810", "references": [{"source": "patrick@puiterwijk.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160382"}, {"source": "patrick@puiterwijk.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/upx/upx/commit/779b648c5f6aa9b33f4728f79dd4d0efec0bf860"}, {"source": "patrick@puiterwijk.org", "tags": ["Exploit", "Patch", "Third Party Advisory"], "url": "https://github.com/upx/upx/issues/631"}, {"source": "patrick@puiterwijk.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EL3BVKIGG3SH6I3KPOYQAWCBD4UMPOPI/"}, {"source": "patrick@puiterwijk.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGEP3FBNRZXGLIA2B2ICMB32JVMPREFZ/"}], "sourceIdentifier": "patrick@puiterwijk.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-119"}], "source": "patrick@puiterwijk.org", "type": "Secondary"}]}