CVE-2022-30065

Опубликовано: 18 мая 2022

Источник: redhat

CVSS3: 6.2

Описание

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.

A flaw was found in BusyBox. It did not properly sanitize while processing a crafted awk pattern, leading to possible code execution.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	busybox	Out of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-416

https://bugzilla.redhat.com/show_bug.cgi?id=2088233busybox: A use-after-free in Busybox's awk applet leads to denial of service

6.2 Medium

CVSS3

Связанные уязвимости

CVE-2022-30065

CVSS3: 7.8

ubuntu

больше 3 лет назад

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.

CVE-2022-30065

CVSS3: 7.8

nvd

больше 3 лет назад

A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.