Out-of-bounds Read in parsing component.

Moderate
liyansong2018 published GHSA-jr8h-2657-m68r Jan 24, 2022

Package

parse (elfspirit)

Affected versions

1.0

Patched versions

1.1

Description

When parsing the ELF file format, elfspirit has an out-of-bounds read bug that can lead to application crashes or information leakage. By constructing a specially crafted ELF file (name and offset of the section header table), the contents of any address can be leaked.
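
One way a parser can bound the section header table offset and the section name indices before dereferencing them, the two fields the description names. This is an added example, not elfspirit's code or its patch; `elf64_check_sections`, `check_sample` and the embedded sample image are hypothetical and constructed here, and the check assumes ELF64 little-endian input with at least one section header.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Read/write an n-byte little-endian integer (ELF64 LSB layout assumed). */
static uint64_t rd(const uint8_t *p, int n) {
    uint64_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}
static void wr(uint8_t *p, uint64_t v, int n) {
    for (int i = 0; i < n; i++) p[i] = (uint8_t)(v >> (8 * i));
}

/* True when [off, off+len) lies inside `size` bytes, with no integer overflow. */
static int in_range(uint64_t off, uint64_t len, size_t size) {
    return off <= size && len <= size - off;
}

/* Hypothetical helper: 0 if the table and all names are in bounds, else -1. */
int elf64_check_sections(const uint8_t *buf, size_t size) {
    if (size < 64 || memcmp(buf, "\177ELF\2\1", 6) != 0) return -1; /* ELF64 LSB only */
    uint64_t shoff = rd(buf + 0x28, 8), entsz = rd(buf + 0x3A, 2);
    uint64_t shnum = rd(buf + 0x3C, 2), strndx = rd(buf + 0x3E, 2);
    /* The whole table must fit in the file; entries must be full size. */
    if (entsz < 64 || strndx >= shnum || !in_range(shoff, shnum * entsz, size))
        return -1;
    /* Bound the section name string table and require a final NUL. */
    const uint8_t *strsh = buf + shoff + strndx * entsz;
    uint64_t stroff = rd(strsh + 0x18, 8), strsz = rd(strsh + 0x20, 8);
    if (strsz == 0 || !in_range(stroff, strsz, size) || buf[stroff + strsz - 1])
        return -1;
    /* Every sh_name must index inside that table. */
    for (uint64_t i = 0; i < shnum; i++)
        if (rd(buf + shoff + i * entsz, 4) >= strsz)
            return -1;
    return 0;
}

/* Constructed 203-byte sample; e_shoff, one sh_name and the length are caller-set. */
int check_sample(uint64_t shoff, uint32_t name, size_t size) {
    uint8_t img[203] = {0};
    memcpy(img, "\177ELF\2\1\1", 7);
    wr(img + 0x3A, 64, 2); wr(img + 0x3C, 2, 2); wr(img + 0x3E, 1, 2);
    wr(img + 128 + 0x18, 192, 8); wr(img + 128 + 0x20, 11, 8);
    memcpy(img + 192, "\0.shstrtab", 11);
    wr(img + 0x28, shoff, 8); wr(img + 128, name, 4);
    return elf64_check_sections(img, size);
}
```

`check_sample(64, 1, 203)` is the well-formed layout; any other `shoff`, an `sh_name` of 11 or more, or a shorter `size` exercises one of the rejections.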

Impact

Information leakage & Denial of service.

Patches

c5b0f5a

References

Out-of-bounds read in elf parsing

For more information

If you have any questions or comments about this advisory:

Severity

Moderate

CVE ID

CVE-2022-21711

Weaknesses