| शीर्षक | elf-parser project has DoS vulnerability |
|---|
| विवरण | In the elf-parser project, elf_parser.cpp:66 in elf_parser::Elf_parser::get_segments() exist a denial of service vulnerability. Attackers can cause denial of service through carefully constructed malicious files.
When open this malicious file, the program will generate a wild pointer.You can access ASAN report or run the poc file see this DoS vulnerability be triggered.
Through GDB analysis, the reason for this wild pointer may be :
```
at ../elf_parser.cpp:66
66 segment.segment_physaddr = phdr[i].p_paddr;
``` |
|---|
| स्रोत | ⚠️ https://github.com/10cksYiqiyinHangzhouTechnology/elf-parser_segments_poc |
|---|
| उपयोगकर्ता | 10cksYiqiyinHangzhouTechnology (UID 41666) |
|---|
| सबमिशन | 02/03/2023 01:47 PM (3 साल पहले) |
|---|
| संयम | 02/03/2023 07:16 PM (5 hours later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 222222 [finixbit elf-parser elf_parser.cpp get_segments सेवा अस्वीकार] |
|---|
| अंक | 20 |
|---|