Cxy20103657

**Name of the Vulnerable Software and Affected Versions** UPX (affected versions not specified) **Description** A segmentation fault was found in the `invert pt dynamic()` function in `p lx elf.cpp`. An attacker with a crafted input file can access invalid memory addresses, potentially leading to a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UPX (affected versions not specified) **Description** An out-of-bounds read access issue was discovered in the PackLinuxElf64::canPack() function of the p lx elf.cpp file. This could be triggered by an attacker using a crafted input file, potentially causing a crash and leading to a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** UPX (affected versions not specified) **Description** A floating point exception issue was discovered in the PackLinuxElf64::invert pt dynamic() function of the p lx elf.cpp file. An attacker with a crafted input file could trigger this issue, causing a crash that leads to a denial of service. The highest impact is to Availability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.