CVE-2021-42386 log

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
A use-after-free in Busybox's awk applet before version 1.34.0 leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function.
Group Package Affected Fixed Severity Status Ticket
AVG-2562 mkinitcpio-busybox 1.33.1-1 1.34.1-1 Medium Fixed
AVG-2561 busybox 1.33.1-1 1.34.1-1 Medium Fixed
References
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/