Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-28831 - log back

CVE-2021-28831 edited at 19 Mar 2021 11:49:12

Severity

-	Unknown
+	Low

Remote

-	Unknown
+	Local

Type

-	Unknown
+	Denial of service

Description

+	decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.

References

+	https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd

Notes

CVE-2021-28831 created at 19 Mar 2021 11:48:08