An Integer overflow in the getElfSections function in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service (crash) via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an allocation of excessive memory.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-07-27T18:40:33

Updated: 2024-08-05T00:12:43.398Z

Reserved: 2019-07-27T00:00:00

Link: CVE-2019-14295

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-07-27T19:15:12.050

Modified: 2024-11-21T04:26:23.827

Link: CVE-2019-14295

cve-icon Redhat

No data.