Unrated severityNVD Advisory· Published Apr 2, 2024· Updated Feb 13, 2025
UPX bele.h get_ne64 heap-based overflow
CVE-2024-3209
Description
A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects the function get_ne64 of the file bele.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259055. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
7- drive.google.com/drive/folders/1qlUXvycOzGJygfkdQB9dGO6VwNRRZoihmitreexploit
- vuldb.commitrethird-party-advisory
- vuldb.commitresignaturepermissions-required
- vuldb.commitrevdb-entrytechnical-description
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AE5OZ7YUEVLXVVS6PFP5RELVICQ4K6QK/mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J4DNK3AFPT4KIPTBKGCJ6FC3L7AWI2TN/mitre
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZHWZN2NX5W3WYA6ACJ746PAZXXNZETKD/mitre
News mentions
0No linked articles in our index yet.