SUSE-SU-2023:3820-1

Опубликовано: 27 сент. 2023

Источник: suse-cvrf

Описание

Security update for busybox

This update for busybox fixes the following issues:

CVE-2022-48174: Fixed stack overflow vulnerability. (bsc#1214538)

Список пакетов

Container bci/bci-busybox:15.5

busybox-1.35.0-150500.10.3.3

busybox-adduser-1.35.0-150500.7.2.3

busybox-attr-1.35.0-150500.7.2.3

busybox-bc-1.35.0-150500.7.2.3

busybox-bind-utils-1.35.0-150500.7.2.3

busybox-bzip2-1.35.0-150500.7.2.3

busybox-coreutils-1.35.0-150500.7.2.3

busybox-cpio-1.35.0-150500.7.2.3

busybox-diffutils-1.35.0-150500.7.2.3

busybox-dos2unix-1.35.0-150500.7.2.3

busybox-ed-1.35.0-150500.7.2.3

busybox-findutils-1.35.0-150500.7.2.3

busybox-gawk-1.35.0-150500.7.2.3

busybox-grep-1.35.0-150500.7.2.3

busybox-gzip-1.35.0-150500.7.2.3

busybox-hostname-1.35.0-150500.7.2.3

busybox-iproute2-1.35.0-150500.7.2.3

busybox-iputils-1.35.0-150500.7.2.3

busybox-kbd-1.35.0-150500.7.2.3

busybox-less-1.35.0-150500.7.2.3

busybox-links-1.35.0-150500.7.2.3

busybox-man-1.35.0-150500.7.2.3

busybox-misc-1.35.0-150500.7.2.3

busybox-ncurses-utils-1.35.0-150500.7.2.3

busybox-net-tools-1.35.0-150500.7.2.3

busybox-netcat-1.35.0-150500.7.2.3

busybox-patch-1.35.0-150500.7.2.3

busybox-policycoreutils-1.35.0-150500.7.2.3

busybox-procps-1.35.0-150500.7.2.3

busybox-psmisc-1.35.0-150500.7.2.3

busybox-sed-1.35.0-150500.7.2.3

busybox-selinux-tools-1.35.0-150500.7.2.3

busybox-sendmail-1.35.0-150500.7.2.3

busybox-sh-1.35.0-150500.7.2.3

busybox-sharutils-1.35.0-150500.7.2.3

busybox-syslogd-1.35.0-150500.7.2.3

busybox-sysvinit-tools-1.35.0-150500.7.2.3

busybox-tar-1.35.0-150500.7.2.3

busybox-telnet-1.35.0-150500.7.2.3

busybox-tftp-1.35.0-150500.7.2.3

busybox-time-1.35.0-150500.7.2.3

busybox-traceroute-1.35.0-150500.7.2.3

busybox-tunctl-1.35.0-150500.7.2.3

busybox-unzip-1.35.0-150500.7.2.3

busybox-util-linux-1.35.0-150500.7.2.3

busybox-vi-1.35.0-150500.7.2.3

busybox-vlan-1.35.0-150500.7.2.3

busybox-wget-1.35.0-150500.7.2.3

busybox-which-1.35.0-150500.7.2.3

busybox-whois-1.35.0-150500.7.2.3

busybox-xz-1.35.0-150500.7.2.3

Container bci/bci-busybox:15.7

busybox-1.35.0-150500.10.3.3

busybox-adduser-1.35.0-150500.7.2.3

busybox-attr-1.35.0-150500.7.2.3

busybox-bc-1.35.0-150500.7.2.3

busybox-bind-utils-1.35.0-150500.7.2.3

busybox-bzip2-1.35.0-150500.7.2.3

busybox-coreutils-1.35.0-150500.7.2.3

busybox-cpio-1.35.0-150500.7.2.3

busybox-diffutils-1.35.0-150500.7.2.3

busybox-dos2unix-1.35.0-150500.7.2.3

busybox-ed-1.35.0-150500.7.2.3

busybox-findutils-1.35.0-150500.7.2.3

busybox-gawk-1.35.0-150500.7.2.3

busybox-grep-1.35.0-150500.7.2.3

busybox-gzip-1.35.0-150500.7.2.3

busybox-hostname-1.35.0-150500.7.2.3

busybox-iproute2-1.35.0-150500.7.2.3

busybox-iputils-1.35.0-150500.7.2.3

busybox-kbd-1.35.0-150500.7.2.3

busybox-less-1.35.0-150500.7.2.3

busybox-links-1.35.0-150500.7.2.3

busybox-man-1.35.0-150500.7.2.3

busybox-misc-1.35.0-150500.7.2.3

busybox-ncurses-utils-1.35.0-150500.7.2.3

busybox-net-tools-1.35.0-150500.7.2.3

busybox-netcat-1.35.0-150500.7.2.3

busybox-patch-1.35.0-150500.7.2.3

busybox-policycoreutils-1.35.0-150500.7.2.3

busybox-procps-1.35.0-150500.7.2.3

busybox-psmisc-1.35.0-150500.7.2.3

busybox-sed-1.35.0-150500.7.2.3

busybox-selinux-tools-1.35.0-150500.7.2.3

busybox-sendmail-1.35.0-150500.7.2.3

busybox-sh-1.35.0-150500.7.2.3

busybox-sharutils-1.35.0-150500.7.2.3

busybox-syslogd-1.35.0-150500.7.2.3

busybox-sysvinit-tools-1.35.0-150500.7.2.3

busybox-tar-1.35.0-150500.7.2.3

busybox-telnet-1.35.0-150500.7.2.3

busybox-tftp-1.35.0-150500.7.2.3

busybox-time-1.35.0-150500.7.2.3

busybox-traceroute-1.35.0-150500.7.2.3

busybox-tunctl-1.35.0-150500.7.2.3

busybox-unzip-1.35.0-150500.7.2.3

busybox-util-linux-1.35.0-150500.7.2.3

busybox-vi-1.35.0-150500.7.2.3

busybox-vlan-1.35.0-150500.7.2.3

busybox-wget-1.35.0-150500.7.2.3

busybox-which-1.35.0-150500.7.2.3

busybox-whois-1.35.0-150500.7.2.3

busybox-xz-1.35.0-150500.7.2.3

Container bci/bci-busybox:latest

busybox-1.35.0-150500.10.3.3

busybox-adduser-1.35.0-150500.7.2.3

busybox-attr-1.35.0-150500.7.2.3

busybox-bc-1.35.0-150500.7.2.3

busybox-bind-utils-1.35.0-150500.7.2.3

busybox-bzip2-1.35.0-150500.7.2.3

busybox-coreutils-1.35.0-150500.7.2.3

busybox-cpio-1.35.0-150500.7.2.3

busybox-diffutils-1.35.0-150500.7.2.3

busybox-dos2unix-1.35.0-150500.7.2.3

busybox-ed-1.35.0-150500.7.2.3

busybox-findutils-1.35.0-150500.7.2.3

busybox-gawk-1.35.0-150500.7.2.3

busybox-grep-1.35.0-150500.7.2.3

busybox-gzip-1.35.0-150500.7.2.3

busybox-hostname-1.35.0-150500.7.2.3

busybox-iproute2-1.35.0-150500.7.2.3

busybox-iputils-1.35.0-150500.7.2.3

busybox-kbd-1.35.0-150500.7.2.3

busybox-less-1.35.0-150500.7.2.3

busybox-links-1.35.0-150500.7.2.3

busybox-man-1.35.0-150500.7.2.3

busybox-misc-1.35.0-150500.7.2.3

busybox-ncurses-utils-1.35.0-150500.7.2.3

busybox-net-tools-1.35.0-150500.7.2.3

busybox-netcat-1.35.0-150500.7.2.3

busybox-patch-1.35.0-150500.7.2.3

busybox-policycoreutils-1.35.0-150500.7.2.3

busybox-procps-1.35.0-150500.7.2.3

busybox-psmisc-1.35.0-150500.7.2.3

busybox-sed-1.35.0-150500.7.2.3

busybox-selinux-tools-1.35.0-150500.7.2.3

busybox-sendmail-1.35.0-150500.7.2.3

busybox-sh-1.35.0-150500.7.2.3

busybox-sharutils-1.35.0-150500.7.2.3

busybox-syslogd-1.35.0-150500.7.2.3

busybox-sysvinit-tools-1.35.0-150500.7.2.3

busybox-tar-1.35.0-150500.7.2.3

busybox-telnet-1.35.0-150500.7.2.3

busybox-tftp-1.35.0-150500.7.2.3

busybox-time-1.35.0-150500.7.2.3

busybox-traceroute-1.35.0-150500.7.2.3

busybox-tunctl-1.35.0-150500.7.2.3

busybox-unzip-1.35.0-150500.7.2.3

busybox-util-linux-1.35.0-150500.7.2.3

busybox-vi-1.35.0-150500.7.2.3

busybox-vlan-1.35.0-150500.7.2.3

busybox-wget-1.35.0-150500.7.2.3

busybox-which-1.35.0-150500.7.2.3

busybox-whois-1.35.0-150500.7.2.3

busybox-xz-1.35.0-150500.7.2.3

SUSE Linux Enterprise Module for Basesystem 15 SP5

busybox-1.35.0-150500.10.3.3

busybox-static-1.35.0-150500.10.3.3

openSUSE Leap 15.5

busybox-static-1.35.0-150500.10.3.3

busybox-testsuite-1.35.0-150500.10.3.3

busybox-warewulf3-1.35.0-150500.10.3.3

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20233820-1/
Link for SUSE-SU-2023:3820-1
https://lists.suse.com/pipermail/sle-updates/2023-September/031745.html
E-Mail link for SUSE-SU-2023:3820-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1214538
SUSE Bug 1214538
https://www.suse.com/security/cve/CVE-2022-48174/
SUSE CVE CVE-2022-48174 page

Описание

There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.

Затронутые продукты

Container bci/bci-busybox:15.5:busybox-1.35.0-150500.10.3.3

Container bci/bci-busybox:15.5:busybox-adduser-1.35.0-150500.7.2.3

Container bci/bci-busybox:15.5:busybox-attr-1.35.0-150500.7.2.3

Container bci/bci-busybox:15.5:busybox-bc-1.35.0-150500.7.2.3

Ссылки

https://www.suse.com/security/cve/CVE-2022-48174.html
CVE-2022-48174
https://bugzilla.suse.com/1214538
SUSE Bug 1214538
https://bugzilla.suse.com/1224426
SUSE Bug 1224426
https://bugzilla.suse.com/1225678
SUSE Bug 1225678

SUSE-SU-2023:3820-1

Описание

Список пакетов

Container bci/bci-busybox:15.5

Container bci/bci-busybox:15.7

Container bci/bci-busybox:latest

SUSE Linux Enterprise Module for Basesystem 15 SP5

openSUSE Leap 15.5

Ссылки

Уязвимость: CVE-2022-48174

Описание

Затронутые продукты

Ссылки