What the vulnerability does

01Description

An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service.

Key dates

02Disclosure timeline

August 18, 2022 CVE published
August 4, 2024 Record updated