Denial Of Service (DoS)

2023-02-0818:05:41

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

upx

vulnerability

application crash

segmentation fault

dos

memory address access

0.001 Low

EPSS

Percentile

29.1%

JSON

upx is vulnerable to Denial Of Service (DoS). The vulnerability exists due to the segmentation fault in the PackLinuxElf64::invert_pt_dynamic() function of p_lx_elf.cpp which leads to invalid memory address access, allowing an attacker to cause an application crash

CPENameOperatorVersion
upx:edgeeq4.0.0-r0
upx:edgeeq3.96-r0
upx:edgeeq3.96-r1
upx:edgeeq4.0.1-r0
upx:edgeeq3.96-r2
upx:3.17eq4.0.0-r0
upx:3.17eq4.0.1-r0
upx:edgeeq4.0.0-r0
upx:edgeeq3.96-r0
upx:edgeeq3.96-r1

Name	Operator	Version
upx:edge	eq	4.0.0-r0
upx:edge	eq	3.96-r0
upx:edge	eq	3.96-r1
upx:edge	eq	4.0.1-r0
upx:edge	eq	3.96-r2
upx:3.17	eq	4.0.0-r0
upx:3.17	eq	4.0.1-r0
upx:edge	eq	4.0.0-r0
upx:edge	eq	3.96-r0
upx:edge	eq	3.96-r1