How severe is CVE-2020-27790?

CVE-2020-27790 has a CVSS v3 score of 5.5 (MEDIUM).

CVE-2020-27790

Name: upx
Author: upx

5.5MEDIUM

A floating point exception issue was discovered in UPX in PackLinuxElf64::invert_pt_dynamic() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could c

Published: 8/18/2022Updated: 4/11/2025

Description

A floating point exception issue was discovered in UPX in PackLinuxElf64::invert_pt_dynamic() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service. The highest impact is to Availability.

AI AnalysisPowered by AI

Affected Products

upxupx

References

https://github.com/upx/upx/commit/eb90eab6325d009004ffb155e3e33f22d4d3ca26
PatchThird Party Advisory
https://github.com/upx/upx/issues/331
ExploitIssue TrackingPatchThird Party Advisory
https://github.com/upx/upx/commit/eb90eab6325d009004ffb155e3e33f22d4d3ca26
PatchThird Party Advisory
https://github.com/upx/upx/issues/331
ExploitIssue TrackingPatchThird Party Advisory