CVE-2021-30501
N/A
N/A
Summary
An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | upx | upx 4.0 | affected |
Weaknesses
- CWE-20: CWE-20
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=1948696
- https://github.com/upx/upx/issues/486
- https://github.com/upx/upx/pull/487
- https://github.com/upx/upx/commit/28e761cd42211dfe0124b7a29b2f74730f453e46
References
- https://bugzilla.redhat.com/show_bug.cgi?id=1948696
- https://github.com/upx/upx/issues/486
- https://github.com/upx/upx/pull/487
- https://github.com/upx/upx/commit/28e761cd42211dfe0124b7a29b2f74730f453e46
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.