Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the PackLinuxElf64::unDTINIT function in plxelf.cpp. An attacker can trigger a segfault with malicious input. Remediation A fix was pushed into the master branch but not yet published. References - GitHub...

DEBIAN-CVE-2021-43312

A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf64::invertptdynamic at plxelf.cpp:5239...

PT-2023-12434 · Upx +1 · Upx +1

Name of the Vulnerable Software and Affected Versions: upx affected versions not specified Description: A heap-based buffer overflow was discovered in the upx software. The issue arises when the generic pointer 'p' points to an inaccessible address in the get le32 function. This problem is...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a segmentation fault, via the PackLinuxElf64::invertptdynamic function in the plxelf.cpp file. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...

UBUNTU-CVE-2020-27788

An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack function of plxelf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service...