SUSE-SU-2023:3529-1

Опубликовано: 05 сент. 2023

Источник: suse-cvrf

Описание

Security update for busybox

This update for busybox fixes the following issues:

CVE-2022-48174: Fixed stack overflow vulnerability. (bsc#1214538)

Список пакетов

Container bci/bci-busybox:15.4

busybox-1.35.0-150400.3.11.1

busybox-adduser-1.35.0-150400.4.5.1

busybox-attr-1.35.0-150400.4.5.1

busybox-bc-1.35.0-150400.4.5.1

busybox-bind-utils-1.35.0-150400.4.5.1

busybox-bzip2-1.35.0-150400.4.5.1

busybox-coreutils-1.35.0-150400.4.5.1

busybox-cpio-1.35.0-150400.4.5.1

busybox-diffutils-1.35.0-150400.4.5.1

busybox-dos2unix-1.35.0-150400.4.5.1

busybox-ed-1.35.0-150400.4.5.1

busybox-findutils-1.35.0-150400.4.5.1

busybox-gawk-1.35.0-150400.4.5.1

busybox-grep-1.35.0-150400.4.5.1

busybox-gzip-1.35.0-150400.4.5.1

busybox-hostname-1.35.0-150400.4.5.1

busybox-iproute2-1.35.0-150400.4.5.1

busybox-iputils-1.35.0-150400.4.5.1

busybox-kbd-1.35.0-150400.4.5.1

busybox-less-1.35.0-150400.4.5.1

busybox-links-1.35.0-150400.4.5.1

busybox-man-1.35.0-150400.4.5.1

busybox-misc-1.35.0-150400.4.5.1

busybox-ncurses-utils-1.35.0-150400.4.5.1

busybox-net-tools-1.35.0-150400.4.5.1

busybox-netcat-1.35.0-150400.4.5.1

busybox-patch-1.35.0-150400.4.5.1

busybox-policycoreutils-1.35.0-150400.4.5.1

busybox-procps-1.35.0-150400.4.5.1

busybox-psmisc-1.35.0-150400.4.5.1

busybox-sed-1.35.0-150400.4.5.1

busybox-selinux-tools-1.35.0-150400.4.5.1

busybox-sendmail-1.35.0-150400.4.5.1

busybox-sh-1.35.0-150400.4.5.1

busybox-sharutils-1.35.0-150400.4.5.1

busybox-syslogd-1.35.0-150400.4.5.1

busybox-sysvinit-tools-1.35.0-150400.4.5.1

busybox-tar-1.35.0-150400.4.5.1

busybox-telnet-1.35.0-150400.4.5.1

busybox-tftp-1.35.0-150400.4.5.1

busybox-time-1.35.0-150400.4.5.1

busybox-traceroute-1.35.0-150400.4.5.1

busybox-tunctl-1.35.0-150400.4.5.1

busybox-unzip-1.35.0-150400.4.5.1

busybox-util-linux-1.35.0-150400.4.5.1

busybox-vi-1.35.0-150400.4.5.1

busybox-vlan-1.35.0-150400.4.5.1

busybox-wget-1.35.0-150400.4.5.1

busybox-which-1.35.0-150400.4.5.1

busybox-whois-1.35.0-150400.4.5.1

busybox-xz-1.35.0-150400.4.5.1

SUSE Linux Enterprise Module for Basesystem 15 SP4

busybox-1.35.0-150400.3.11.1

busybox-static-1.35.0-150400.3.11.1

openSUSE Leap 15.4

busybox-1.35.0-150400.3.11.1

busybox-adduser-1.35.0-150400.4.5.1

busybox-attr-1.35.0-150400.4.5.1

busybox-bc-1.35.0-150400.4.5.1

busybox-bind-utils-1.35.0-150400.4.5.1

busybox-bzip2-1.35.0-150400.4.5.1

busybox-coreutils-1.35.0-150400.4.5.1

busybox-cpio-1.35.0-150400.4.5.1

busybox-diffutils-1.35.0-150400.4.5.1

busybox-dos2unix-1.35.0-150400.4.5.1

busybox-ed-1.35.0-150400.4.5.1

busybox-findutils-1.35.0-150400.4.5.1

busybox-gawk-1.35.0-150400.4.5.1

busybox-grep-1.35.0-150400.4.5.1

busybox-gzip-1.35.0-150400.4.5.1

busybox-hostname-1.35.0-150400.4.5.1

busybox-iproute2-1.35.0-150400.4.5.1

busybox-iputils-1.35.0-150400.4.5.1

busybox-kbd-1.35.0-150400.4.5.1

busybox-kmod-1.35.0-150400.4.5.1

busybox-less-1.35.0-150400.4.5.1

busybox-links-1.35.0-150400.4.5.1

busybox-man-1.35.0-150400.4.5.1

busybox-misc-1.35.0-150400.4.5.1

busybox-ncurses-utils-1.35.0-150400.4.5.1

busybox-net-tools-1.35.0-150400.4.5.1

busybox-netcat-1.35.0-150400.4.5.1

busybox-patch-1.35.0-150400.4.5.1

busybox-policycoreutils-1.35.0-150400.4.5.1

busybox-procps-1.35.0-150400.4.5.1

busybox-psmisc-1.35.0-150400.4.5.1

busybox-sed-1.35.0-150400.4.5.1

busybox-selinux-tools-1.35.0-150400.4.5.1

busybox-sendmail-1.35.0-150400.4.5.1

busybox-sh-1.35.0-150400.4.5.1

busybox-sharutils-1.35.0-150400.4.5.1

busybox-static-1.35.0-150400.3.11.1

busybox-syslogd-1.35.0-150400.4.5.1

busybox-sysvinit-tools-1.35.0-150400.4.5.1

busybox-tar-1.35.0-150400.4.5.1

busybox-telnet-1.35.0-150400.4.5.1

busybox-testsuite-1.35.0-150400.3.11.1

busybox-tftp-1.35.0-150400.4.5.1

busybox-time-1.35.0-150400.4.5.1

busybox-traceroute-1.35.0-150400.4.5.1

busybox-tunctl-1.35.0-150400.4.5.1

busybox-unzip-1.35.0-150400.4.5.1

busybox-util-linux-1.35.0-150400.4.5.1

busybox-vi-1.35.0-150400.4.5.1

busybox-vlan-1.35.0-150400.4.5.1

busybox-warewulf3-1.35.0-150400.3.11.1

busybox-wget-1.35.0-150400.4.5.1

busybox-which-1.35.0-150400.4.5.1

busybox-whois-1.35.0-150400.4.5.1

busybox-xz-1.35.0-150400.4.5.1

openSUSE Leap 15.5

busybox-adduser-1.35.0-150400.4.5.1

busybox-attr-1.35.0-150400.4.5.1

busybox-bc-1.35.0-150400.4.5.1

busybox-bind-utils-1.35.0-150400.4.5.1

busybox-bzip2-1.35.0-150400.4.5.1

busybox-coreutils-1.35.0-150400.4.5.1

busybox-cpio-1.35.0-150400.4.5.1

busybox-diffutils-1.35.0-150400.4.5.1

busybox-dos2unix-1.35.0-150400.4.5.1

busybox-ed-1.35.0-150400.4.5.1

busybox-findutils-1.35.0-150400.4.5.1

busybox-gawk-1.35.0-150400.4.5.1

busybox-grep-1.35.0-150400.4.5.1

busybox-gzip-1.35.0-150400.4.5.1

busybox-hostname-1.35.0-150400.4.5.1

busybox-iproute2-1.35.0-150400.4.5.1

busybox-iputils-1.35.0-150400.4.5.1

busybox-kbd-1.35.0-150400.4.5.1

busybox-kmod-1.35.0-150400.4.5.1

busybox-less-1.35.0-150400.4.5.1

busybox-links-1.35.0-150400.4.5.1

busybox-man-1.35.0-150400.4.5.1

busybox-misc-1.35.0-150400.4.5.1

busybox-ncurses-utils-1.35.0-150400.4.5.1

busybox-net-tools-1.35.0-150400.4.5.1

busybox-netcat-1.35.0-150400.4.5.1

busybox-patch-1.35.0-150400.4.5.1

busybox-policycoreutils-1.35.0-150400.4.5.1

busybox-procps-1.35.0-150400.4.5.1

busybox-psmisc-1.35.0-150400.4.5.1

busybox-sed-1.35.0-150400.4.5.1

busybox-selinux-tools-1.35.0-150400.4.5.1

busybox-sendmail-1.35.0-150400.4.5.1

busybox-sh-1.35.0-150400.4.5.1

busybox-sharutils-1.35.0-150400.4.5.1

busybox-syslogd-1.35.0-150400.4.5.1

busybox-sysvinit-tools-1.35.0-150400.4.5.1

busybox-tar-1.35.0-150400.4.5.1

busybox-telnet-1.35.0-150400.4.5.1

busybox-tftp-1.35.0-150400.4.5.1

busybox-time-1.35.0-150400.4.5.1

busybox-traceroute-1.35.0-150400.4.5.1

busybox-tunctl-1.35.0-150400.4.5.1

busybox-unzip-1.35.0-150400.4.5.1

busybox-util-linux-1.35.0-150400.4.5.1

busybox-vi-1.35.0-150400.4.5.1

busybox-vlan-1.35.0-150400.4.5.1

busybox-wget-1.35.0-150400.4.5.1

busybox-which-1.35.0-150400.4.5.1

busybox-whois-1.35.0-150400.4.5.1

busybox-xz-1.35.0-150400.4.5.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20233529-1/
Link for SUSE-SU-2023:3529-1
https://lists.suse.com/pipermail/sle-security-updates/2023-September/016088.html
E-Mail link for SUSE-SU-2023:3529-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1214538
SUSE Bug 1214538
https://www.suse.com/security/cve/CVE-2022-48174/
SUSE CVE CVE-2022-48174 page

Описание

There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.

Затронутые продукты

Container bci/bci-busybox:15.4:busybox-1.35.0-150400.3.11.1

Container bci/bci-busybox:15.4:busybox-adduser-1.35.0-150400.4.5.1

Container bci/bci-busybox:15.4:busybox-attr-1.35.0-150400.4.5.1

Container bci/bci-busybox:15.4:busybox-bc-1.35.0-150400.4.5.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-48174.html
CVE-2022-48174
https://bugzilla.suse.com/1214538
SUSE Bug 1214538
https://bugzilla.suse.com/1224426
SUSE Bug 1224426
https://bugzilla.suse.com/1225678
SUSE Bug 1225678

SUSE-SU-2023:3529-1

Описание

Список пакетов

Container bci/bci-busybox:15.4

SUSE Linux Enterprise Module for Basesystem 15 SP4

openSUSE Leap 15.4

openSUSE Leap 15.5

Ссылки

Уязвимость: CVE-2022-48174

Описание

Затронутые продукты

Ссылки