Astra Linux - уязвимость в busybox

The decompressgunzip.c file in BusyBox contains an issue where version 1.32.1 improperly handles the error bit associated with the huftbuild result pointer. This results in an invalid free operation or segmentation fault due to malformed gzip data...

Ubuntu 18.04 LTS / 20.04 LTS : BusyBox vulnerabilities (USN-5179-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5179-1 advisory. It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processin...

openSUSE 15 Security Update : busybox (openSUSE-SU-2021:3531-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3531-1 advisory. - Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside...

CVE-2021-28831

decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data...

CVE-2021-28831

CVE-2021-28831 affects BusyBox prior to 1.32.1. The issue arises when decompress_gunzip.c mishandles the error bit on the huft_build result pointer, leading to an invalid free or segmentation fault via malformed gzip data. Several connected advisories confirm the same root cause and describe a re...