CVE-2022-21711

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-21711
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-21711.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-21711
Related
  • GHSA-jr8h-2657-m68r
Published
2022-01-24T20:15:08Z
Modified
2025-01-14T21:20:13Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H CVSS Calculator
Summary
[none]
Details

elfspirit is an ELF static analysis and injection framework that parses, manipulates, and camouflages ELF files. When analyzing the ELF file format in versions prior to 1.1, there is an out-of-bounds read bug, which can lead to application crashes or information leakage. By constructing a special format ELF file, the information of any address can be leaked. elfspirit version 1.1 contains a patch for this issue.

References

Affected packages

Git / github.com/liyansong2018/elfspirit

Affected ranges

Type
GIT
Repo
https://github.com/liyansong2018/elfspirit
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed