Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2023.0052
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2023-0052)
Zusammenfassung:	The remote host is missing an update for the 'upx' package(s) announced via the MGASA-2023-0052 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'upx' package(s) announced via the MGASA-2023-0052 advisory. Vulnerability Insight: Denial of service due to heap-based buffer overflow issue in UPX in PackTmt::pack() in p_tmt.cpp file. (CVE-2023-23456) Denial of service due to segmentation fault in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. (CVE-2023-23457) Affected Software/OS: 'upx' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2023-23456 FEDORA-2023-89fdc22ace https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TGEP3FBNRZXGLIA2B2ICMB32JVMPREFZ/ FEDORA-2023-8d91390935 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EL3BVKIGG3SH6I3KPOYQAWCBD4UMPOPI/ https://bugzilla.redhat.com/show_bug.cgi?id=2160381 https://github.com/upx/upx/commit/510505a85cbe45e51fbd470f1aa8b02157c429d4 https://github.com/upx/upx/issues/632 Common Vulnerability Exposure (CVE) ID: CVE-2023-23457 https://bugzilla.redhat.com/show_bug.cgi?id=2160382 https://github.com/upx/upx/commit/779b648c5f6aa9b33f4728f79dd4d0efec0bf860 https://github.com/upx/upx/issues/631
Copyright	Copyright (C) 2023 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.