OESA-2022-1859 busybox security update

BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. It provides a fairly complete environment for any small or embedded system. Security Fixes: A...

Use-After-Free

busybox is vulnerable to use-after-free. The vulnerability exists in copyvar which allows an attacker to send crafted awk pattern crashing the application...

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.

...

CVE-2022-30065

A flaw was found in BusyBox. It did not properly sanitize while processing a crafted awk pattern, leading to possible code execution...

CVE-2022-30065

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function...

CVE-2022-30065

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function...

ALPINE-CVE-2022-30065

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function...

CVE-2022-30065

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function...

DEBIAN-CVE-2022-30065

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function...

AZL-9815 CVE-2022-30065 affecting package busybox for versions less than 1.35.0-3

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function...

Design/Logic Flaw

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function...

CVE-2022-30065

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function...

CVE-2022-30065

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function...

CVE-2022-30065

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function...

CVE-2022-30065

CVE-2022-30065 concerns a use-after-free in the Busybox 1.35-x awk applet, due to a flaw in the copyvar function that can trigger denial of service and potentially code execution when processing a crafted awk pattern. Public details consistently name Busybox as affected and describe the issue as ...

CVE-2022-30065

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function...

EulerOS 2.0 SP10 : busybox (EulerOS-SA-2022-1463)

According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validatio...

Huawei EulerOS: Security Advisory for busybox (EulerOS-SA-2022-1303)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 18.04 LTS / 20.04 LTS : BusyBox vulnerabilities (USN-5179-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5179-1 advisory. It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processin...

USN-5179-1 busybox vulnerabilities

It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processing a specially crafted gzip archive, a remote attacker could use this issue to cause BusyBox to crash, resulting in a denial of service, or possibly execute...