Unrated severityNVD Advisory· Published Mar 26, 2021· Updated Aug 3, 2024
CVE-2021-20285
CVE-2021-20285
Description
A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw allows attackers to cause a denial of service (SEGV or buffer overflow and application crash) or possibly have unspecified other impacts via a crafted ELF. The highest threat from this vulnerability is to system availability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- UPX/UPXdescription
- osv-coords2 versionspkg:rpm/opensuse/upx&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/upx&distro=SUSE%20Package%20Hub%2015%20SP4
< 4.0.2-bp154.4.6.1+ 1 more
- (no CPE)range: < 4.0.2-bp154.4.6.1
- (no CPE)range: < 4.0.2-bp154.4.6.1
Patches
Vulnerability mechanics
References
2- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
- github.com/upx/upx/issues/421mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.