SB2021111637 - Fedora 33 update for busybox

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021111637

SB2021111637 - Fedora 33 update for busybox

Published: November 16, 2021

Security Bulletin ID SB2021111637
Severity
Medium
Patch available
YES
Number of vulnerabilities 14
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 21% Low 79%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 14 secuirty vulnerabilities.


1) NULL pointer dereference (CVE-ID: CVE-2021-42373)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the man applet when a section name is supplied but no page argument is given. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.


2) Out-of-bounds read (CVE-ID: CVE-2021-42374)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in "unlzma". A remote attacker can trigger out-of-bounds read error and read contents of memory on the system or perform a denial of service (DoS) attack.


3) Input validation error (CVE-ID: CVE-2021-42375)

The vulnerability allows a remote user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input within the ash applet. A remote user can pass specially crafted input to the application and perform a denial of service (DoS) attack.


4) NULL pointer dereference (CVE-ID: CVE-2021-42376)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in Busybox's hush applet when processing a crafted shell command with a \x03 delimiter character. A local user can pass specially crafted string to the affected applet and crash the application.


5) Release of invalid pointer or reference (CVE-ID: CVE-2021-42377)

The vulnerability allows a remote attacker execute arbitrary code on the system.

The vulnerability exists due to improper input validation within the hush applet. A remote attacker can pass a specially crafted input to the application and potentially execute arbitrary shell commands.


6) Use-after-free (CVE-ID: CVE-2021-42378)

The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the "getvar_i" function. A remote administrator can execute arbitrary code on the target system.


7) Use-after-free (CVE-ID: CVE-2021-42379)

The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the "next_input_file" function. A remote administrator can execute arbitrary code on the target system.


8) Use-after-free (CVE-ID: CVE-2021-42380)

The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the "next_input_file" function. A remote administrator can execute arbitrary code on the target system.


9) Use-after-free (CVE-ID: CVE-2021-42381)

The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the "hash_init" function. A remote administrator can execute arbitrary code on the target system.


10) Use-after-free (CVE-ID: CVE-2021-42382)

The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the "getvar_s" function. A remote administrator can execute arbitrary code on the target system.


11) Use-after-free (CVE-ID: CVE-2021-42383)

The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error within the awk applet. A remote privileged user can pass a specially crafted input to the application, trigger a use-after-free error and execute arbitrary code.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.


12) Use-after-free (CVE-ID: CVE-2021-42384)

The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the "handle_special" function. A remote administrator can execute arbitrary code on the target system.


13) Use-after-free (CVE-ID: CVE-2021-42385)

The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the "evaluate" function. A remote administrator can execute arbitrary code on the target system.


14) Use-after-free (CVE-ID: CVE-2021-42386)

The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in the "nvalloc" function. A remote administrator can execute arbitrary code on the target system.


Remediation

Install update from vendor's website.

References