A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159.

...

OESA-2024-2128 busybox security update

BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: A...

CBL Mariner 2.0 Security Update: busybox (CVE-2023-42365)

The version of busybox installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-42365 advisory. - A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c...

Heap-based Buffer Overflow

busybox is vulnerable to Heap-based Buffer Overflow. The vulnerability arises from the nexttoken function in the awk.c file, allowing attackers to crash the system or gain unauthorized data access with specially crafted inputs...

SUSE CVE-2023-42366

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

CVE-2023-42365

A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function...

CVE-2023-42366

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

CVE-2023-42364

A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function...

CVE-2023-42366

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

DEBIAN-CVE-2023-42366

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

CVE-2023-42366

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

Heap overflow

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

Design/Logic Flaw

A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function...

CVE-2023-42366

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

CVE-2023-42366

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

CVE-2023-42366

A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the nexttoken function at awk.c:1159...

CVE-2023-42365

CVE-2023-42365 : A use-after-free in BusyBox v1.36.1 is triggered by a crafted awk pattern in the awk.c copyvar function. This is a local vulnerability that can lead to a crash or potential code execution depending on context (per the description). The issue has been reported in public advisories...

PT-2023-7297 · Busybox +1 · Busybox +1

Name of the Vulnerable Software and Affected Versions: BusyBox version 1.36.1 Description: A heap-buffer-overflow issue was discovered in the next token function at awk.c:1159. This issue is related to writing beyond the buffer boundaries. Exploitation of this issue may allow an attacker to cause...

CVE-2023-42366

CVE-2023-42366 : BusyBox v1.36.1 contains a heap-buffer-overflow in the next_token path (awk.c:1159). This vulnerability could cause a crash/denial of service when processing crafted awk input. The issue is documented in multiple Nessus/EulerOS advisories tied to BusyBox 1.36.1; no vendor/product...