CVE-2021-42375
Description
An incorrect handling of a special element in Busyboxs ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input.
Risk Information
Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.061
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2022:4253-1(SUSE Linux Enterprise Server 12-SP5 ) busybox-1.35.0-4.3.1.x86_64.rpm | Linux |
| SUSE-SU-2022:3959-1(SUSE Linux Enterprise Module for Basesystem 15-SP4 ) busybox-static-1.35.0-150400.3.3.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234