Uploaded image for project: 'Funtoo Linux'
  1. Funtoo Linux
  2. FL-5166

BusyBox: Multiple vulnerabilities — GLSA 201803-12

XMLWordPrintable

    • Icon: Security Vulnerability Security Vulnerability
    • Resolution: Fixed Earlier
    • Icon: Severe (Ebuild) Severe (Ebuild)
    • None
    • None
    • None

      Multiple vulnerabilities have been found in BusyBox, the worst of which could allow remote attackers to execute arbitrary code.

      Affected Packages

      Package sys-apps/busybox on all architectures
      Affected versions < 1.28.0
      Unaffected versions >= 1.28.0

      Background

      BusyBox is a set of tools for embedded systems and is a replacement for GNU Coreutils.

      Description

      Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details.

      Impact

      A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or have other unspecified impacts.

      Workaround

      There is no known workaround at this time.

      References

      CVE-2017-15873
      CVE-2017-15874
      CVE-2017-16544

            palica Pavol Cupka
            palica Pavol Cupka
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: