An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service.
https://github.com/upx/upx/issues/332
https://github.com/upx/upx/commit/1bb93d4fce9f1d764ba57bf5ac154af515b3fc83