Heap-Based Buffer Overflow in upx: Exploiting Inaccessible Address in PackLinuxElf32::invert_pt_dynamic

Heap-Based Buffer Overflow in upx: Exploiting Inaccessible Address in PackLinuxElf32::invert_pt_dynamic

CVE-2021-43313 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf32::invert_pt_dynamic at p_lx_elf.cpp:1688.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.