Wind River Support Network

HomeDefectsLIN1019-6254
Fixed

LIN1019-6254 : Security Advisory - busybox - CVE-2021-28831

Created: Mar 21, 2021    Updated: Apr 24, 2021
Resolved Date: Apr 24, 2021
Found In Version: 10.19.45.1
Severity: Standard
Applicable for: Wind River Linux LTS 19
Component/s: Userspace

Description

decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.

CREATE(Triage):(User=admin) [CVE-2021-28831|https://nvd.nist.gov/vuln/detail/CVE-2021-28831]

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube