CVE-2022-30065

Опубликовано: 18 мая 2022

Источник: debian

EPSS Низкий

Описание

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
busybox	fixed	1:1.36.1-1		package

Примечания

https://bugs.busybox.net/show_bug.cgi?id=14781
https://git.busybox.net/busybox/commit/?id=e63d7cdfdac78c6fd27e9e63150335767592b85e (1_36_0)
Crash in CLI tool, no security impact

EPSS

Процентиль: 70%

0.00636

Низкий

Связанные уязвимости

CVE-2022-30065

CVSS3: 7.8

ubuntu

больше 3 лет назад

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.

CVE-2022-30065

CVSS3: 6.2

redhat

больше 3 лет назад

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.

CVE-2022-30065

CVSS3: 7.8

nvd

больше 3 лет назад

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.

CVE-2022-30065

CVSS3: 7.8

msrc

больше 3 лет назад

Описание отсутствует

SUSE-SU-2022:4372-1

suse-cvrf

около 3 лет назад

Security update for busybox

EPSS

Процентиль: 70%

0.00636

Низкий