Heap-Buffer Overflow Vulnerability in LIEF Library by LIEF Project
CVE-2022-38495

7.8HIGH

Key Information:

Vendor: Lief-project
Status: Lief
Vendor: CVE Published:; 13 September 2022

🔔 Create Lief-project Vulnerability Alert

What is CVE-2022-38495?

A heap-buffer overflow vulnerability has been identified in the LIEF library, specifically in the print_binary function located in macho_reader.c. This flaw could allow attackers to exploit the underlying memory management in applications that utilize the library, potentially leading to unexpected behavior or crashes. Developers are encouraged to upgrade to the latest version to mitigate the risk.

References

https://github.com/lief-project/LIEF/issues/767

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 13, 2022
Vulnerability Reserved
Aug 22, 2022

JSON