CVE-2022-48174

Опубликовано: 22 авг. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.

Ссылки

https://bugs.busybox.net/show_bug.cgi?id=15216
Issue Tracking
Vendor Advisory
https://bugs.busybox.net/show_bug.cgi?id=15216
Issue Tracking
Vendor Advisory
https://lists.debian.org/debian-lts-announce/2025/01/msg00012.html
Third Party Advisory
https://security.netapp.com/advisory/ntap-20241129-0001/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Конфигурация 2

cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*

Версия до 1.36.1 (включая)

EPSS

Процентиль: 71%

0.00679

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-787

Связанные уязвимости

CVE-2022-48174

CVSS3: 9.8

ubuntu

больше 2 лет назад

There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.

CVE-2022-48174

CVSS3: 9.8

redhat

больше 2 лет назад

There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.

CVE-2022-48174

CVSS3: 9.8

msrc

9 месяцев назад

There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.

CVE-2022-48174

CVSS3: 9.8

debian

больше 2 лет назад

There is a stack overflow vulnerability in ash.c:6030 in busybox befor ...

SUSE-SU-2023:3820-1

suse-cvrf

больше 2 лет назад

Security update for busybox

EPSS

Процентиль: 71%

0.00679

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-787