Hongphipham95

**Name of the Vulnerable Software and Affected Versions** UPX version 3.94 **Description** The issue is related to the handling of ELF headers in the p lx elf.cpp file, which can be exploited by remote attackers using a crafted binary file. This exploitation can lead to a denial of service, causing the application to crash, and potentially have other unspecified impacts. The vulnerability is demonstrated by an Invalid Pointer Read in the PackLinuxElf64::unpack() function. **Recommendations** For UPX version 3.94, consider updating to a newer version that addresses this issue, as the current version mishandles ELF headers, leading to potential security risks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.