-
Security Vulnerability
-
Resolution: Fixed Earlier
-
Severe (Ebuild)
-
None
-
None
-
None
Multiple vulnerabilities have been found in BusyBox, the worst of which could allow remote attackers to execute arbitrary code.
Affected Packages
Package sys-apps/busybox on all architectures
Affected versions < 1.28.0
Unaffected versions >= 1.28.0
Background
BusyBox is a set of tools for embedded systems and is a replacement for GNU Coreutils.
Description
Multiple vulnerabilities have been discovered in BusyBox. Please review the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or have other unspecified impacts.
Workaround
There is no known workaround at this time.
References
CVE-2017-15873
CVE-2017-15874
CVE-2017-16544