CVE-2021-42385

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions BusyBox (affected versions not specified)

Description A use-after-free issue in BusyBox's awk applet can lead to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function. This allows a remote attacker to potentially execute arbitrary code on the target system.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

AZL-6351

BDU:2021-06397

CVE-2021-42385

DLA-4019-1

MGASA-2021-0533

OESA-2021-1449

OPENSUSE-SU-2022:0135-1

OPENSUSE-SU-2022_0135-1

OPENSUSE-SU-2022_3959-1

OPENSUSE-SU-2024:11738-1

SUSE-SU-2022:0135-1

SUSE-SU-2022:0135-2

SUSE-SU-2022:3959-1

SUSE-SU-2022:4253-1

USN-5179-1

Affected Products

Astra Linux

Busybox

Linuxmint

Red Os

Suse

Ubuntu

CVE-2021-42385

Weakness Enumeration

Related Identifiers

Affected Products

References · 110