Wind River Support Network

HomeDefectsLIN1021-1985
Fixed

LIN1021-1985 : Security Advisory - busybox - CVE-2021-42375

Created: Nov 10, 2021    Updated: Dec 28, 2021
Resolved Date: Dec 28, 2021
Found In Version: 10.21.20.1
Fix Version: 10.21.20.8
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

An incorrect handling of a special element in ash leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input.

CREATE(Triage):(User=admin) CVE-2021-42375 (https://nvd.nist.gov/vuln/detail/CVE-2021-42375)

CVEs


Live chat
Online