2 matches found
CVE-2023-45838
Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the aufs packa...
CVE-2023-45838
Buildroot CVE-2023-45838 affects the package hash checking for Buildroot 2023.08.1 and dev commit 622698d7847 (aufs-related). TALOS confirms multiple data integrity vulnerabilities enabling a MITM to provide compromised sources, potentially allowing arbitrary command execution in the builder. Key...