SUSE CVE-2021-43312

A heap-based buffer overflow was discovered in upx, during the variable 'bucket' points to an inaccessible address. The issue is being triggered in the function PackLinuxElf64::invertptdynamic at plxelf.cpp:5239...

Buffer Overflow

Overview Affected versions of this package are vulnerable to Buffer Overflow due to the variable bucket pointing to an inaccessible address. The issue can be triggered in the function PackLinuxElf64::invertptdynamic at plxelf.cpp:5239. Remediation Upgrade upx to version 4.2.1 or higher. Reference...

UPX 安全漏洞

UPX is a portable and extensible executable compression program. A security vulnerability exists in UPX, which stems from function PackLinuxElf32::invertptdynamic in plxelf.cpp:1688 that causes the "bucket" variable to point to an inaccessible address...

PT-2022-8870 · Upx +2 · Upx +2

Name of the Vulnerable Software and Affected Versions: UPX version 4.0.0 Description: A heap-based buffer over-read was discovered in the invert pt dynamic function in p lx elf.cpp via a crafted Mach-O file. Recommendations: For UPX version 4.0.0, as a temporary workaround, consider disabling the...

PT-2022-8865 · Upx +1 · Upx +1

Name of the Vulnerable Software and Affected Versions: UPX affected versions not specified Description: A floating point exception issue was discovered in the PackLinuxElf64::invert pt dynamic function of the p lx elf.cpp file. An attacker with a crafted input file could trigger this issue, causi...