An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack() function of plxelf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "upx-ucl", "binary_version": "3.96-3" }, { "binary_name": "upx-ucl-dbgsym", "binary_version": "3.96-3" } ] }