OSV-2024-98

See a problem?
Import Source
https://github.com/google/oss-fuzz-vulns/blob/main/vulns/upx/OSV-2024-98.yaml
JSON Data
https://api.osv.dev/v1/vulns/OSV-2024-98
Published
2024-02-11T00:14:29.715614Z
Modified
2024-04-29T11:31:53.382431Z
Summary
UNKNOWN READ in PackLinuxElf32::adjABS
Details

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66287

Crash type: UNKNOWN READ
Crash state:
PackLinuxElf32::adjABS
PackLinuxElf32::un_asl_dynsym
PackLinuxElf32::un_shlib_1
References

Affected packages

OSS-Fuzz / upx

Package

Name
upx
Purl
pkg:generic/upx

Affected ranges

Type
GIT
Repo
https://github.com/upx/upx.git
Events
Introduced
10807ebdc212c44db366131e71b3e358643eae51
Introduced
666b3c0f74efaa67858e109df93856a6f26f419c
Fixed
ae6d3b9bff87d43f4ef9b345c7c99c0a577a11dc

Affected versions

v4.*

v4.2.2

Ecosystem specific 

{
    "severity": "MEDIUM"
}

Database specific 

{
    "fixed_range": "8f7578eef195ec4168bb691b6100bdf0ff5ac265:ae6d3b9bff87d43f4ef9b345c7c99c0a577a11dc"
}