What the vulnerability does

01Description

A floating point exception issue was discovered in UPX in PackLinuxElf64::invert_pt_dynamic() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service. The highest impact is to Availability.

Key dates

02Disclosure timeline

August 18, 2022 CVE published
August 4, 2024 Record updated