Debian Upx-Ucl vulnerabilities
35 known vulnerabilities affecting debian/upx-ucl.
Total CVEs: 35
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: MEDIUM 2, LOW 33
Vulnerabilities
Page 1 of 2
CVE-2025-2849 | MEDIUM | CVSS 4.8 | fixed in upx-ucl 4.2.4-1.1 (forky) | 2025
CVE-2025-2849 [MEDIUM] upx-ucl
A vulnerability, which was classified as problematic, was found in UPX up to 5.0.0. Affected is the function PackLinuxElf64::un_DT_INIT of the file src/p_lx_elf.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The patch is identified as e0b6
debian
CVE-2024-3209 | LOW | CVSS 5.5 | fixed in upx-ucl 4.2.4-1 (forky) | 2024
CVE-2024-3209 [MEDIUM] upx-ucl
A vulnerability was found in UPX up to 4.2.2. It has been rated as critical. This issue affects the function get_ne64 of the file bele.h. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259055. NOTE: The vendor was contacted early about this dis
debian
CVE-2023-23456 | MEDIUM | CVSS 5.3 | fixed in upx-ucl 3.96-2+deb11u1 (bullseye) | 2023
CVE-2023-23456 [MEDIUM] upx-ucl
A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. The flow allows an attacker to cause a denial of service (abort) via a crafted file.
Scope: local
bullseye: resolved (fixed in 3.96-2+deb11u1)
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2023-23457 | LOW | CVSS 5.3 | fixed in upx-ucl 4.2.2-1 (forky) | 2023
CVE-2023-23457 [MEDIUM] upx-ucl
A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2021-30501 | LOW | CVSS 5.5 | fixed in upx-ucl 4.2.2-1 (forky) | 2021
CVE-2021-30501 [MEDIUM] upx-ucl
An assertion abort was found in upx MemBuffer::alloc() in mem.cpp, in version UPX 4.0.0. The flow allows attackers to cause a denial of service (abort) via a crafted file.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2021-43312 | LOW | CVSS 7.5 | fixed in upx-ucl 4.2.2-1 (forky) | 2021
CVE-2021-43312 [HIGH] upx-ucl
A heap-based buffer overflow was discovered in upx, when the variable 'bucket' points to an inaccessible address. The issue is triggered in the function PackLinuxElf64::invert_pt_dynamic at p_lx_elf.cpp:5239.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2021-43314 | LOW | CVSS 7.5 | fixed in upx-ucl 4.2.2-1 (forky) | 2021
CVE-2021-43314 [HIGH] upx-ucl
A heap-based buffer overflow was discovered in upx, when the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5368.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2021-43315 | LOW | CVSS 7.5 | fixed in upx-ucl 4.2.2-1 (forky) | 2021
CVE-2021-43315 [HIGH] upx-ucl
A heap-based buffer overflow was discovered in upx, when the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5349.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2021-43317 | LOW | CVSS 7.5 | fixed in upx-ucl 4.2.2-1 (forky) | 2021
CVE-2021-43317 [HIGH] upx-ucl
A heap-based buffer overflow was discovered in upx, when the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf64::elf_lookup() at p_lx_elf.cpp:5404.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2021-46179 | LOW | CVSS 6.5 | fixed in upx-ucl 4.2.2-1 (forky) | 2021
CVE-2021-46179 [MEDIUM] upx-ucl
Reachable Assertion vulnerability in upx before 4.0.0 allows attackers to cause a denial of service via crafted file passed to the readx function.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2021-43311 | LOW | CVSS 7.5 | fixed in upx-ucl 4.2.2-1 (forky) | 2021
CVE-2021-43311 [HIGH] upx-ucl
A heap-based buffer overflow was discovered in upx, when the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32::elf_lookup() at p_lx_elf.cpp:5382.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2021-30500 | LOW | CVSS 7.8 | fixed in upx-ucl 4.2.2-1 (forky) | 2021
CVE-2021-30500 [HIGH] upx-ucl
Null pointer dereference was found in upx PackLinuxElf::canUnpack() in p_lx_elf.cpp, in version UPX 4.0.0. That allows attackers to execute arbitrary code and cause a denial of service via a crafted file.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2021-20285 | LOW | CVSS 6.6 | fixed in upx-ucl 4.2.2-1 (forky) | 2021
CVE-2021-20285 [MEDIUM] upx-ucl
A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw allows attackers to cause a denial of service (SEGV or buffer overflow and application crash) or possibly have unspecified other impacts via a crafted ELF. The highest threat from this vulnerability is to system availability.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: r
debian
CVE-2021-43313 | LOW | CVSS 7.5 | fixed in upx-ucl 4.2.2-1 (forky) | 2021
CVE-2021-43313 [HIGH] upx-ucl
A heap-based buffer overflow was discovered in upx, when the variable 'bucket' points to an inaccessible address. The issue is triggered in the function PackLinuxElf32::invert_pt_dynamic at p_lx_elf.cpp:1688.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2021-43316 | LOW | CVSS 7.5 | fixed in upx-ucl 4.2.2-1 (forky) | 2021
CVE-2021-43316 [HIGH] upx-ucl
A heap-based buffer overflow was discovered in upx, when the generic pointer 'p' points to an inaccessible address in func get_le64().
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2020-24119 | LOW | CVSS 7.1 | fixed in upx-ucl 4.2.2-1 (forky) | 2020
CVE-2020-24119 [HIGH] upx-ucl
A heap buffer overflow read was discovered in upx 4.0.0, because the check in p_lx_elf.cpp is not perfect.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2020-27788 | LOW | CVSS 5.5 | fixed in upx-ucl 3.96-1 (bullseye) | 2020
CVE-2020-27788 [MEDIUM] upx-ucl
An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service.
Scope: local
bullseye: resolved (fixed in 3.96-1)
forky: resolved (fixed in 3.96-1)
sid: resolved (fixed in 3.96-1)
trixi
debian
CVE-2020-27801 | LOW | CVSS 7.8 | fixed in upx-ucl 4.2.2-1 (forky) | 2020
CVE-2020-27801 [HIGH] upx-ucl
A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2020-27796 | LOW | CVSS 7.8 | fixed in upx-ucl 4.2.2-1 (forky) | 2020
CVE-2020-27796 [HIGH] upx-ucl
A heap-based buffer over-read was discovered in the invert_pt_dynamic function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian
CVE-2020-27802 | LOW | CVSS 5.5 | fixed in upx-ucl 4.2.2-1 (forky) | 2020
CVE-2020-27802 [MEDIUM] upx-ucl
A floating point exception was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
Scope: local
bullseye: open
forky: resolved (fixed in 4.2.2-1)
sid: resolved (fixed in 4.2.2-1)
trixie: resolved (fixed in 4.2.2-1)
debian