CVE 2021-43315
A heap-based buffer overflows was discovered in upx, during the generic pointer 'p' points to an inaccessible address in func get_le32(). The problem is essentially caused in PackLinuxElf32:
See the
CVE page on Mitre.org
for more details.