CVE-2021-28831 log

Source
Severity Low
Remote No
Type Denial of service
Description
decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.
Group Package Affected Fixed Severity Status Ticket
AVG-1708 mkinitcpio-busybox 1.32.1-2 1.32.1-3 Low Fixed FS#70075
AVG-1707 busybox 1.32.1-3 1.32.1-4 Low Fixed FS#70075
Date Advisory Group Package Severity Type
25 Mar 2021 ASA-202103-12 AVG-1707 busybox Low denial of service
25 Mar 2021 ASA-202103-11 AVG-1708 mkinitcpio-busybox Low denial of service
References
https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd