CVE-2025-2849 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A vulnerability, which was classified as problematic, was found in UPX up to 5.0.0. Affected is the function PackLinuxElf64::un_DT_INIT of the file src/p_lx_elf…
Medium CVSS: 4.8

CVE-2025-2849

A vulnerability, which was classified as problematic, was found in UPX up to 5.0.0. Affected is the function PackLinuxElf64::un_DT_INIT of the file src/p_lx_elf.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The patch is identified as e0b6ff192412f5bb5364c1948f4f6b27a0cd5ea2. It is recommended to apply a patch to fix this issue.
Vendor
Upx
Product
Upx
CWE
CWE-119
Yayın Tarihi
2025-03-27 14:15:55
Güncelleme
2025-04-11 16:09:36
Source Identifier
cna@vuldb.com
KEV Date Added
-

Kategoriler

CWE-119 Upx MEDIUM Upx 2025

Referanslar

https://github.com/upx/upx/commit/e0b6ff192412f5bb5364c1948f4f6b27a0cd5ea2 https://github.com/upx/upx/issues/898 https://github.com/upx/upx/issues/898#issuecomment-2734082143 https://github.com/user-attachments/files/19307868/input.zip https://vuldb.com/?ctiid.301494 https://vuldb.com/?id.301494 https://vuldb.com/?submit.522371 https://github.com/upx/upx/issues/898#issuecomment-2734082143