Unrated severityOSV Advisory· Published Jan 12, 2023· Updated Apr 7, 2025
Upx: segv on packlinuxelf64::invert_pt_dynamic() in p_lx_elf.cpp
CVE-2023-23457
Description
A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- osv-coords7 versionspkg:apk/chainguard/upxpkg:apk/chainguard/upx-docpkg:apk/wolfi/upxpkg:apk/wolfi/upx-docpkg:rpm/opensuse/upx&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/upx&distro=openSUSE%20Tumbleweedpkg:rpm/suse/upx&distro=SUSE%20Package%20Hub%2015%20SP4
< 0+ 6 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 4.0.1-bp154.4.3.1
- (no CPE)range: < 4.0.1-2.1
- (no CPE)range: < 4.0.1-bp154.4.3.1
Patches
Vulnerability mechanics
References
5- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EL3BVKIGG3SH6I3KPOYQAWCBD4UMPOPI/mitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGEP3FBNRZXGLIA2B2ICMB32JVMPREFZ/mitrevendor-advisory
- bugzilla.redhat.com/show_bug.cgimitre
- github.com/upx/upx/commit/779b648c5f6aa9b33f4728f79dd4d0efec0bf860mitre
- github.com/upx/upx/issues/631mitre
News mentions
0No linked articles in our index yet.