CVE-2021-42375 log

Source
Severity Medium
Remote Yes
Type Denial of service
Description
An incorrect handling of a special element in Busybox's ash applet before version 1.34.0 leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for denial service under rare conditions of filtered command input.
Group Package Affected Fixed Severity Status Ticket
AVG-2562 mkinitcpio-busybox 1.33.1-1 1.34.1-1 Medium Fixed
AVG-2561 busybox 1.33.1-1 1.34.1-1 Medium Fixed
References
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/