Ubuntu 16.04 ESM / 18.04 ESM : BusyBox vulnerabilities (USN-6335-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6335-1 advisory. It was discovered that BusyBox incorrectly handled certain malformed gzip archives. If a user or automated system were tricked into processin...

Ubuntu 16.04 ESM : BusyBox vulnerability (USN-5179-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5179-2 advisory. USN-5179-1 fixed vulnerabilities in BusyBox. This update provides the corresponding updates for Ubuntu 16.04 ESM. Tenable has extracted the preceding description...

SUSE SLED15 / SLES15 Security Update : busybox (SUSE-SU-2022:0135-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0135-1 advisory. - Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point...

Huawei EulerOS: Security Advisory for busybox (EulerOS-SA-2021-2522)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : busybox (EulerOS-SA-2021-2522)

According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid free or...

MGASA-2021-0310 Updated busybox packages fix security vulnerability

Updated busybox packages fix security vulnerability: decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data CVE-2021-28831...

Updated busybox packages fix security vulnerability

Updated busybox packages fix security vulnerability: decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data CVE-2021-28831...

Amazon Linux AMI : busybox (ALAS-2021-1496)

The version of busybox installed on the remote host is prior to 1.19.3-2.12. It is, therefore, affected by a vulnerability as referenced in the ALAS-2021-1496 advisory. decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid...

Medium: busybox

Issue Overview: decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data. CVE-2021-28831 Affected Packages: busybox Issue Correction: Run yum update busybox or yum update...

Denial Of Service (DoS)

busybox is vulnerable to denial of service. The vulnerability exists due to the decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data...

CVE-2021-28831

decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data...

CVE-2021-28831

decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data...

CVE-2021-28831

decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data...

CVE-2021-28831

decompressgunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huftbuild result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data...

CVE-2015-9261

huftbuild in archival/libarchive/decompressgunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file...