Heap Buffer Overflow in LIEF Affects Multiple Versions
CVE-2021-32297

8.8HIGH

Key Information:

Vendor: Lief-project
Status: Lief
Vendor: CVE Published:; 20 September 2021

🔔 Create Lief-project Vulnerability Alert

What is CVE-2021-32297?

A heap buffer overflow vulnerability has been identified in LIEF, particularly in the main function located in pe_reader.c. This flaw enables attackers to execute arbitrary code, thereby compromising the integrity of the affected systems. The vulnerability affects all versions of LIEF through 0.11.4, posing significant risks if not addressed.

References

https://github.com/lief-project/LIEF/issues/449

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 20, 2021
Vulnerability Reserved
May 7, 2021

JSON