upx is vulnerable to denial of service. The vulnerability exists due to a null pointer dereference in upx PackLinuxElf::canUnpack()
in p_lx_elf.cpp
which allows attackers to execute arbitrary code and cause a denial of service via a crafted file.