MGASA-2022-0458 Updated busybox packages fix security vulnerability

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. CVE-2022-30065...

MGASA-2021-0310 Updated busybox packages fix security vulnerability

Updated busybox packages fix security vulnerability: decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data CVE-2021-28831...

MGASA-2018-0413 Updated busybox packages fix security vulnerability

Unziping a specially crafted zip file results in a computation of an invalid pointer and a crash reading an invalid address CVE-2015-9261...

MGASA-2015-0041 Updated busybox packages fix CVE-2014-9645

Updated busybox packages fix security vulnerability: The modprobe command in busybox before 1.23.0 uses the basename of the module argument as the module to load, allowing arbitrary modules, even when some kernel subsystems try to prevent this CVE-2014-9645...

MGASA-2014-0351 Updated busybox packages fix CVE-2014-4607

Updated busybox packages fix security vulnerability: An integer overflow in liblzo before 2.07 allows attackers to cause a denial of service or possibly code execution in applications using performing LZO decompression on a compressed payload from the attacker CVE-2014-4607. Busybox bundles part ...