AVG-2562 log

Package mkinitcpio-busybox
Status Fixed
Severity Medium
Type multiple issues
Affected 1.33.1-1
Fixed 1.34.1-1
Current 1.36.1-1 [core]
Ticket None
Created Tue Nov 16 12:25:19 2021
Issue Severity Remote Type Description
CVE-2021-42386 Medium No Arbitrary code execution
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern...
CVE-2021-42385 Medium No Arbitrary code execution
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern...
CVE-2021-42384 Medium No Arbitrary code execution
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern...
CVE-2021-42383 Medium No Arbitrary code execution
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern...
CVE-2021-42382 Medium No Arbitrary code execution
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern...
CVE-2021-42381 Medium No Arbitrary code execution
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern...
CVE-2021-42380 Medium No Arbitrary code execution
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern...
CVE-2021-42379 Medium No Arbitrary code execution
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern...
CVE-2021-42378 Medium No Arbitrary code execution
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern...
CVE-2021-42377 Medium Yes Arbitrary code execution
An attacker-controlled pointer free in Busybox's hush applet before version 1.34.0 leads to denial of service and possible code execution when processing a...
CVE-2021-42376 Medium Yes Denial of service
A NULL pointer dereference in Busybox's hush applet before version 1.34.0 leads to denial of service when processing a crafted shell command, due to missing...
CVE-2021-42375 Medium Yes Denial of service
An incorrect handling of a special element in Busybox's ash applet before version 1.34.0 leads to denial of service when processing a crafted shell command,...
CVE-2021-42374 Medium Yes Information disclosure
An out-of-bounds heap read in Busybox's unlzma applet before version 1.34.0 leads to information leak and denial of service when crafted LZMA-compressed...
CVE-2021-42373 Medium No Denial of service
A NULL pointer dereference in Busybox's man applet before version 1.34.0 leads to denial of service when a section name is supplied but no page argument is given.