CVE-2020-27787: Buffer Overflow
First published: Thu Aug 18 2022(Updated: )
A Segmentaation fault was found in UPX in invert_pt_dynamic() function in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| UPX | <3.96 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2020-27787.
What is the severity level of CVE-2020-27787?
CVE-2020-27787 has a severity level of medium (5.5).
How does this vulnerability occur?
This vulnerability occurs due to a segmentation fault found in UPX in the invert_pt_dynamic() function in p_lx_elf.cpp.
What can an attacker do with this vulnerability?
An attacker with a crafted input file can exploit this vulnerability to gain access to invalid memory addresses, potentially leading to a denial of service.
Is there a fix available for CVE-2020-27787?
Yes, a fix for CVE-2020-27787 is available. Please refer to the provided references for more information.
- agent/references
- agent/type
- agent/softwarecombine
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/author
- agent/last-modified-date
- agent/description
- agent/event
- agent/first-publish-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/upx project
- canonical/upx