CVE-2023-23456 - Vulnerability Details - OpenCVE

A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Fedoraproject	Fedora
Upx Project	Upx

Configuration 1 [-]

cpe:2.3:a:upx_project:upx:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:fedoraproject:fedora:36:::::::*
	cpe:2.3:o:fedoraproject:fedora:37:::::::*

No data.

References

Link	Providers
https://bugzilla.redhat.com/show_bug.cgi?id=2160381
https://github.com/upx/upx/commit/510505a85cbe45e51fbd470f1aa8b02157c429d4
https://github.com/upx/upx/issues/632
https://lists.debian.org/debian-lts-announce/2024/12/msg00013.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EL3BVKIGG3SH6I3KPOYQAWCBD4UMPOPI/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGEP3FBNRZXGLIA2B2ICMB32JVMPREFZ/

History

Thu, 12 Dec 2024 01:45:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2024/12/msg00013.html

Wed, 18 Sep 2024 08:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: fedora

Published: 2023-01-12T00:00:00

Updated: 2024-12-11T19:02:29.592Z

Reserved: 2023-01-12T00:00:00

Link: CVE-2023-23456

Vulnrichment

Updated: 2024-12-11T19:02:29.592Z

NVD

Status : Modified

Published: 2023-01-12T19:15:24.693

Modified: 2024-12-12T01:15:48.337

Link: CVE-2023-23456

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-23456", "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "assignerShortName": "fedora", "dateUpdated": "2024-12-11T19:02:29.592Z", "dateReserved": "2023-01-12T00:00:00", "datePublished": "2023-01-12T00:00:00"}, "containers": {"cna": {"title": "Upx: heap-buffer-overflow in packtmt::pack()", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file."}], "affected": [{"versions": [{"status": "unaffected", "version": "4.0.2", "lessThan": "*", "versionType": "semver"}], "packageName": "upx", "collectionURL": "https://github.com/upx/upx"}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160381"}, {"url": "https://github.com/upx/upx/commit/510505a85cbe45e51fbd470f1aa8b02157c429d4"}, {"url": "https://github.com/upx/upx/issues/632"}, {"name": "FEDORA-2023-8d91390935", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EL3BVKIGG3SH6I3KPOYQAWCBD4UMPOPI/"}, {"name": "FEDORA-2023-89fdc22ace", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGEP3FBNRZXGLIA2B2ICMB32JVMPREFZ/"}], "datePublic": "2022-11-24T00:00:00+00:00", "problemTypes": [{"descriptions": [{"cweId": "CWE-787", "description": "Out-of-bounds Write", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-122->CWE-787: Heap-based Buffer Overflow leads to Out-of-bounds Write", "timeline": [{"lang": "en", "time": "2023-01-12T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2022-11-24T00:00:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Chenweijia for reporting this issue."}], "providerMetadata": {"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora", "dateUpdated": "2024-04-19T13:34:51.940Z"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160381", "tags": ["x_transferred"]}, {"url": "https://github.com/upx/upx/commit/510505a85cbe45e51fbd470f1aa8b02157c429d4", "tags": ["x_transferred"]}, {"url": "https://github.com/upx/upx/issues/632", "tags": ["x_transferred"]}, {"name": "FEDORA-2023-8d91390935", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EL3BVKIGG3SH6I3KPOYQAWCBD4UMPOPI/"}, {"name": "FEDORA-2023-89fdc22ace", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGEP3FBNRZXGLIA2B2ICMB32JVMPREFZ/"}, {"url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00013.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-12-11T19:02:29.592Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-07T16:19:39.915251Z", "id": "CVE-2023-23456", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-17T13:52:09.759Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160381", "tags": ["x_transferred"]}, {"url": "https://github.com/upx/upx/commit/510505a85cbe45e51fbd470f1aa8b02157c429d4", "tags": ["x_transferred"]}, {"url": "https://github.com/upx/upx/issues/632", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EL3BVKIGG3SH6I3KPOYQAWCBD4UMPOPI/", "name": "FEDORA-2023-8d91390935", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGEP3FBNRZXGLIA2B2ICMB32JVMPREFZ/", "name": "FEDORA-2023-89fdc22ace", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00013.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-12-11T19:02:29.592Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-23456", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-07T16:19:39.915251Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-17T13:52:06.098Z"}}], "cna": {"title": "Upx: heap-buffer-overflow in packtmt::pack()", "credits": [{"lang": "en", "value": "Red Hat would like to thank Chenweijia for reporting this issue."}], "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"versions": [{"status": "unaffected", "version": "4.0.2", "lessThan": "*", "versionType": "semver"}], "packageName": "upx", "collectionURL": "https://github.com/upx/upx"}], "timeline": [{"lang": "en", "time": "2023-01-12T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2022-11-24T00:00:00+00:00", "value": "Made public."}], "datePublic": "2022-11-24T00:00:00+00:00", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160381"}, {"url": "https://github.com/upx/upx/commit/510505a85cbe45e51fbd470f1aa8b02157c429d4"}, {"url": "https://github.com/upx/upx/issues/632"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EL3BVKIGG3SH6I3KPOYQAWCBD4UMPOPI/", "name": "FEDORA-2023-8d91390935", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGEP3FBNRZXGLIA2B2ICMB32JVMPREFZ/", "name": "FEDORA-2023-89fdc22ace", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora", "dateUpdated": "2024-04-19T13:34:51.940Z"}, "x_redhatCweChain": "CWE-122->CWE-787: Heap-based Buffer Overflow leads to Out-of-bounds Write"}}, "cveMetadata": {"cveId": "CVE-2023-23456", "state": "PUBLISHED", "dateUpdated": "2024-12-11T19:02:29.592Z", "dateReserved": "2023-01-12T00:00:00", "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "datePublished": "2023-01-12T00:00:00", "assignerShortName": "fedora"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:upx_project:upx:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB529776-278E-419A-B8E1-F7A101A77E24", "versionEndExcluding": "2022-11-24", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file."}, {"lang": "es", "value": "Se descubri\u00f3 un problema de desbordamiento de b\u00fafer de almacenamiento din\u00e1mico en UPX en PackTmt::pack() en el archivo p_tmt.cpp. El flujo permite a un atacante provocar una denegaci\u00f3n de servicio (aborto) a trav\u00e9s de un archivo manipulado."}], "id": "CVE-2023-23456", "lastModified": "2024-12-12T01:15:48.337", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.4, "source": "patrick@puiterwijk.org", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-01-12T19:15:24.693", "references": [{"source": "patrick@puiterwijk.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160381"}, {"source": "patrick@puiterwijk.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/upx/upx/commit/510505a85cbe45e51fbd470f1aa8b02157c429d4"}, {"source": "patrick@puiterwijk.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/upx/upx/issues/632"}, {"source": "patrick@puiterwijk.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EL3BVKIGG3SH6I3KPOYQAWCBD4UMPOPI/"}, {"source": "patrick@puiterwijk.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGEP3FBNRZXGLIA2B2ICMB32JVMPREFZ/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2160381"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/upx/upx/commit/510505a85cbe45e51fbd470f1aa8b02157c429d4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/upx/upx/issues/632"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00013.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EL3BVKIGG3SH6I3KPOYQAWCBD4UMPOPI/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGEP3FBNRZXGLIA2B2ICMB32JVMPREFZ/"}], "sourceIdentifier": "patrick@puiterwijk.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "patrick@puiterwijk.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}