Описание
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function
A flaw was found in BusyBox, where it did not properly sanitize while processing a crafted awk pattern in the getvar_s function, leading to possible code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Отчет
Attack complexity is High because it's only exploited with a specially crafted awk pattern under rare conditions.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | busybox | Not affected |
Показывать по
Дополнительная информация
Статус:
6.6 Medium
CVSS3
Связанные уязвимости
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function
A use-after-free in Busybox's awk applet leads to denial of service an ...
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function
6.6 Medium
CVSS3