Lucene search
Alpine Linux Development TeamALPINE:CVE-2018-20679HistoryJan 09, 2019 - 4:29 p.m.
CVE-2018-20679
2019-01-0916:29:00
Alpine Linux Development Team
security.alpinelinux.org
14
0.006 Low
EPSS
Percentile
77.7%
An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-main | noarch | busybox | < 1.29.3-r10 | UNKNOWN |
| Alpine | 3.10-main | noarch | busybox | < 1.29.3-r10 | UNKNOWN |
| Alpine | 3.11-main | noarch | busybox | < 1.29.3-r10 | UNKNOWN |
| Alpine | 3.12-main | noarch | busybox | < 1.29.3-r10 | UNKNOWN |
| Alpine | 3.13-main | noarch | busybox | < 1.29.3-r10 | UNKNOWN |
| Alpine | 3.14-main | noarch | busybox | < 1.29.3-r10 | UNKNOWN |
| Alpine | 3.15-main | noarch | busybox | < 1.29.3-r10 | UNKNOWN |
| Alpine | 3.16-main | noarch | busybox | < 1.29.3-r10 | UNKNOWN |
| Alpine | 3.17-main | noarch | busybox | < 1.29.3-r10 | UNKNOWN |
| Alpine | 3.18-main | noarch | busybox | < 1.29.3-r10 | UNKNOWN |
Related
checkpoint_advisories
checkpoint_advisories
BusyBox Project BusyBox udhcp Option Out of Bounds Read (CVE-2018-20679)
2019-02-24 00:00:00
redhatcve
redhatcve
CVE-2018-20679
2019-01-16 10:49:28
CVE-2019-5747
2019-10-12 02:19:26
osv
osv
CVE-2018-20679
2019-01-09 16:29:00
CVE-2019-5747
2019-01-09 16:29:00
veracode
veracode
Information Disclosure
2020-09-21 06:27:41
debiancve
debiancve
CVE-2018-20679
2019-01-09 16:29:00
CVE-2019-5747
2019-01-09 16:29:00
prion
prion
Out-of-bounds
2019-01-09 16:29:00
Out-of-bounds
2019-01-09 16:29:00
cve
cve
CVE-2018-20679
2019-01-09 16:29:00
CVE-2019-5747
2019-01-09 16:29:00
cvelist
cvelist
CVE-2018-20679
2019-01-09 16:00:00
CVE-2019-5747
2019-01-09 16:00:00
ubuntucve
ubuntucve
CVE-2018-20679
2019-01-09 00:00:00
CVE-2019-5747
2019-01-09 00:00:00
alpinelinux
alpinelinux
CVE-2019-5747
2019-01-09 16:29:00
openvas
openvas
Huawei EulerOS: Security Advisory for busybox (EulerOS-SA-2020-1284)
2020-03-23 00:00:00
openSUSE: Security Advisory for busybox (openSUSE-SU-2021:3531-1)
2021-10-28 00:00:00
openSUSE: Security Advisory for busybox (openSUSE-SU-2021:1408-1)
2021-11-01 00:00:00
suse
suse
Security update for busybox (important)
2021-10-27 00:00:00
Security update for busybox (important)
2021-10-31 00:00:00
Security update for busybox (important)
2022-05-18 00:00:00
nessus
nessus
openSUSE 15 Security Update : busybox (openSUSE-SU-2021:1408-1)
2021-11-01 00:00:00
openSUSE 15 Security Update : busybox (openSUSE-SU-2021:3531-1)
2021-10-28 00:00:00
SUSE SLED15 / SLES15 Security Update : busybox (SUSE-SU-2021:3531-1)
2021-10-28 00:00:00
ics
ics
Advantech Spectre RT Industrial Routers
2021-02-23 12:00:00
cloudfoundry
cloudfoundry
USN-3935-1: BusyBox vulnerabilities | Cloud Foundry
2019-04-12 00:00:00
ubuntu
ubuntu
BusyBox vulnerabilities
2019-04-03 00:00:00
packetstorm
packetstorm
Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
2019-09-04 00:00:00