Unrated severityNVD Advisory· Published Jul 27, 2019· Updated Aug 5, 2024
CVE-2019-14295
CVE-2019-14295
Description
An Integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an allocation of excessive memory.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- UPX/UPXdescription
Patches
Vulnerability mechanics
References
3- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MOCJ43HTM45GZCAQ2FLEBDNBM76V22RG/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T52JATXV6NTPTMGXCRGT37H6KXERYNZN/mitrevendor-advisoryx_refsource_FEDORA
- github.com/upx/upx/issues/286mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.