CVE-2021-28831

Опубликовано: 19 мар. 2021

Источник: ubuntu

Приоритет: low

CVSS2: 5

CVSS3: 7.5

Описание

decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.

Релиз	Статус	Примечание
bionic	released	1:1.27.2-2ubuntu3.4
devel	released	1:1.30.1-7ubuntu2
esm-infra-legacy/trusty	released	1:1.21.0-1ubuntu1.4+esm1
esm-infra/bionic	released	1:1.27.2-2ubuntu3.4
esm-infra/focal	released	1:1.30.1-4ubuntu6.4
esm-infra/xenial	released	1:1.22.0-15ubuntu1.4+esm1
focal	released	1:1.30.1-4ubuntu6.4
groovy	ignored	end of life
hirsute	released	1:1.30.1-6ubuntu2.1
impish	released	1:1.30.1-6ubuntu3.1

Показывать по

Ссылки на источники

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2021-28831

CVSS3: 7.5

redhat

почти 5 лет назад

decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.

CVE-2021-28831

CVSS3: 7.5

nvd

почти 5 лет назад

decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.

CVE-2021-28831

CVSS3: 7.5

msrc

почти 5 лет назад

decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer with a resultant invalid free or segmentation fault via malformed gzip data.

CVE-2021-28831

CVSS3: 7.5

debian

почти 5 лет назад

decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit ...

GHSA-7w53-225r-6vxv

CVSS3: 7.5

github

больше 3 лет назад

decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2021-28831

Описание

Пакет busybox

Ссылки на источники

Связанные уязвимости