### [CVE-2021-20285](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20285)
![](https://img.shields.io/static/v1?label=Product&message=upx&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=UPX%203.96%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-119&color=brightgreen)

### Description

A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw allows attackers to cause a denial of service (SEGV or buffer overflow and application crash) or possibly have unspecified other impacts via a crafted ELF. The highest threat from this vulnerability is to system availability.

### POC

#### Reference
- https://github.com/upx/upx/issues/421

#### Github
No PoCs found on GitHub currently.