Описание
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function
A flaw was found in BusyBox, where it did not properly sanitize while processing a crafted awk pattern, leading to possible code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Отчет
Attack Complexity is High because it's only exploited with a specially crafted awk pattern under rare conditions.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | busybox | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
6.6 Medium
CVSS3
Связанные уязвимости
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function
A use-after-free in Busybox's awk applet leads to denial of service an ...
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function
EPSS
6.6 Medium
CVSS3