CVE-2022-30065

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function...

USN-5179-1 busybox vulnerabilities

It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processing a specially crafted gzip archive, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or possibly execute...

OESA-2021-1449 busybox security update

BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: A...

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function

...

CVE-2021-42384

A flaw was found in BusyBox, where it did not properly sanitize while processing a crafted awk pattern in the handlespecial function, leading to possible code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVE-2021-42383

A flaw was found in BusyBox, where it did not properly sanitize while processing a crafted awk pattern in the evaluate function, leading to possible code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVE-2021-42385

A flaw was found in BusyBox, where it did not properly sanitize while processing a crafted awk pattern in the evaluate function, leading to possible code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVE-2021-42378

A flaw was found in BusyBox, where it did not properly sanitize while processing a crafted awk pattern, leading to possible code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

CVE-2021-42379

A flaw was found in BusyBox, where it did not properly sanitize while processing a crafted awk pattern in the nextinputfile function, leading to possible code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

DEBIAN-CVE-2021-42385

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function...

ALPINE-CVE-2021-42380

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function...

DEBIAN-CVE-2021-42381

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hashinit function...

CVE-2021-42379

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nextinputfile function...

CVE-2021-42378

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvari function...

PT-2021-5547 · Busybox +5 · Busybox +5

Name of the Vulnerable Software and Affected Versions: BusyBox affected versions not specified Description: A use-after-free issue in BusyBox's awk applet can lead to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function. This allows a remote...

PT-2021-5540 · Busybox +5 · Busybox +5

Name of the Vulnerable Software and Affected Versions: BusyBox affected versions not specified Description: A use-after-free issue in BusyBox's awk applet can lead to denial of service and possibly code execution when processing a crafted awk pattern in the hash init function. This could allow a...

CVE-2021-42380

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function...

CVE-2021-42380

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function...

Use-After-Free

busybox is vulnerable to use-after-free vulnerability. A remote unauthenticated attacker could craft an awk pattern and send to the evaluate function resulting in a system hang...

Denial Of Service (DoS)

busybox is vulnerable to denial of service. The vulnerability exists because it does not properly sanitize while processing a crafted awk pattern in the clrvar function which causes an application crash...