[Buildroot] [PATCH 1/1] package/upx: fix CVE-2021-20285

Peter Korsgaard peter at korsgaard.com
Sun Apr 4 10:27:50 UTC 2021

>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:

 > A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw
 > allows attackers to cause a denial of service (SEGV or buffer overflow
 > and application crash) or possibly have unspecified other impacts via a
 > crafted ELF. The highest threat from this vulnerability is to system
 > availability.

 > Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>

Committed, thanks.

Bye, Peter Korsgaard

More information about the buildroot mailing list