CVE-2022-48174

Опубликовано: 22 авг. 2023

Источник: debian

EPSS Низкий

Описание

There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
busybox	fixed	1:1.37.0-1		package
busybox	postponed		bookworm	package
busybox	no-dsa		buster	package

Примечания

https://bugs.busybox.net/show_bug.cgi?id=15216
https://git.busybox.net/busybox/commit/?id=d417193cf37ca1005830d7e16f5fa7e1d8a44209 (1_37_0)

EPSS

Процентиль: 63%

0.00451

Низкий

Связанные уязвимости

CVE-2022-48174

CVSS3: 9.8

ubuntu

почти 2 года назад

There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.

CVE-2022-48174

CVSS3: 9.8

redhat

почти 2 года назад

There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.

CVE-2022-48174

CVSS3: 9.8

nvd

почти 2 года назад

There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.

CVE-2022-48174

CVSS3: 9.8

msrc

4 месяца назад

Описание отсутствует

SUSE-SU-2023:3820-1

suse-cvrf

больше 1 года назад

Security update for busybox

EPSS

Процентиль: 63%

0.00451

Низкий