Your submission was sent successfully! Close

CVE-2021-42383

Published: 15 November 2021

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function

Notes

AuthorNote
mdeslaur
1.33.1+
Priority

Low

CVSS 3 base score: 7.2

Status

Package Release Status
busybox
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(1:1.27.2-2ubuntu3.3)
focal Not vulnerable
(1:1.30.1-4ubuntu6.3)
hirsute Not vulnerable
(1:1.30.1-6ubuntu2)
impish Not vulnerable
(1:1.30.1-6ubuntu3)
jammy Not vulnerable
(1:1.30.1-6ubuntu3)
trusty Not vulnerable

upstream
Released (1.34.0)
xenial Not vulnerable