Ubuntu Security Update USN-6961-1: BusyBox vulnerabilities

LinuxBot

Member
Joined
Apr 25, 2017
Messages
6,776
Reaction score
94
Credits
-1,257
It was discovered that BusyBox did not properly validate user input when performing certain arithmetic operations. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2022-48174) It was discovered that BusyBox incorrectly managed memory when evaluating certain awk expressions. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS. (CVE-2023-42363, CVE-2023-42364, CVE-2023-42365)

Continue reading...
 


Follow Linux.org

Staff online

Members online


Latest posts

Top