CVE-2021-42375

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Busybox (affected versions not specified)

Description An issue in Busybox's ash applet causes a denial of service when it processes a specially crafted shell command. This happens because the shell incorrectly identifies certain characters as reserved characters. The issue can be exploited for denial of service under specific conditions where command input is filtered.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-159CWE-20

Related Identifiers

BDU:2025-05995

CVE-2021-42375

OPENSUSE-SU-2022:0135-1

OPENSUSE-SU-2022_0135-1

OPENSUSE-SU-2022_3959-1

SUSE-SU-2022:0135-1

SUSE-SU-2022:0135-2

SUSE-SU-2022:3959-1

SUSE-SU-2022:4253-1

Affected Products

Busybox

Debian

Red Os

Suse

CVE-2021-42375

Weakness Enumeration

Related Identifiers

Affected Products

References · 75