Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp,in version UPX 4.0.0. That allow attackers to execute arbitrary code and cause a denial of service via a crafted file.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Alpine | edge-community | noarch | upx | < 4.0.0-r0 | UNKNOWN |
Alpine | 3.17-community | noarch | upx | < 4.0.0-r0 | UNKNOWN |
Alpine | 3.18-community | noarch | upx | < 4.0.0-r0 | UNKNOWN |
Alpine | 3.19-community | noarch | upx | < 4.0.0-r0 | UNKNOWN |
Alpine | 3.20-community | noarch | upx | < 4.0.0-r0 | UNKNOWN |