Vulnerability-Lookup

SUSE-SU-2026:0892-1

Vulnerability from csaf_suse - Published: 2026-03-13 09:05 - Updated: 2026-03-13 09:05

Summary

Security update for busybox

Notes

Title of the patch

Security update for busybox

Description of the patch

This update for busybox fixes the following issues: - CVE-2023-42363: use-after-free vulnerability in xasprintf function in xfuncs_printf.c (bsc#1217580). - CVE-2023-42364: use-after-free in the awk.c evaluate function (bsc#1217584). - CVE-2023-42365: use-after-free in the awk.c copyvar function (bsc#1217585). - CVE-2025-46394: files in a TAR archive can have their filenames hidden from a listing if terminal escape sequences are used when naming other files included in the archive (bsc#1241661). - CVE-2025-60876: request line incorrectly neutralized mat lead to header injection (bsc#1253245). - CVE-2026-26157: Arbitrary file overwrite and potential code execution via incomplete path sanitization (bsc#1258163). - CVE-2026-26158: Arbitrary file modification and privilege escalation via unvalidated tar archive entries (bsc#1258167). - CVE-2021-42380: Additional fix for use-after-realloc in awk (bsc#1192869).

Patchnames

SUSE-2026-892,SUSE-SLE-SERVER-12-SP5-LTSS-2026-892,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-892

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for busybox",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for busybox fixes the following issues:\n\n- CVE-2023-42363: use-after-free vulnerability in xasprintf function in xfuncs_printf.c (bsc#1217580).\n- CVE-2023-42364: use-after-free in the awk.c evaluate function (bsc#1217584).\n- CVE-2023-42365: use-after-free in the awk.c copyvar function (bsc#1217585).\n- CVE-2025-46394: files in a TAR archive can have their filenames hidden from a listing if terminal escape sequences are\n  used when naming other files included in the archive (bsc#1241661).\n- CVE-2025-60876: request line incorrectly neutralized mat lead to header injection (bsc#1253245).\n- CVE-2026-26157: Arbitrary file overwrite and potential code execution via incomplete path sanitization (bsc#1258163).\n- CVE-2026-26158: Arbitrary file modification and privilege escalation via unvalidated tar archive entries\n  (bsc#1258167).\n- CVE-2021-42380: Additional fix for use-after-realloc in awk (bsc#1192869).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2026-892,SUSE-SLE-SERVER-12-SP5-LTSS-2026-892,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-892",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0892-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:0892-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260892-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:0892-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024690.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1192869",
        "url": "https://bugzilla.suse.com/1192869"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1217580",
        "url": "https://bugzilla.suse.com/1217580"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1217584",
        "url": "https://bugzilla.suse.com/1217584"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1217585",
        "url": "https://bugzilla.suse.com/1217585"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1241661",
        "url": "https://bugzilla.suse.com/1241661"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1253245",
        "url": "https://bugzilla.suse.com/1253245"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258163",
        "url": "https://bugzilla.suse.com/1258163"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1258167",
        "url": "https://bugzilla.suse.com/1258167"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2021-42380 page",
        "url": "https://www.suse.com/security/cve/CVE-2021-42380/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-42363 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-42363/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-42364 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-42364/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-42365 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-42365/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-46394 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-46394/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-60876 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-60876/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-26157 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-26157/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-26158 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-26158/"
      }
    ],
    "title": "Security update for busybox",
    "tracking": {
      "current_release_date": "2026-03-13T09:05:08Z",
      "generator": {
        "date": "2026-03-13T09:05:08Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:0892-1",
      "initial_release_date": "2026-03-13T09:05:08Z",
      "revision_history": [
        {
          "date": "2026-03-13T09:05:08Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "busybox-1.35.0-10.3.1.aarch64",
                "product": {
                  "name": "busybox-1.35.0-10.3.1.aarch64",
                  "product_id": "busybox-1.35.0-10.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-static-1.35.0-10.3.1.aarch64",
                "product": {
                  "name": "busybox-static-1.35.0-10.3.1.aarch64",
                  "product_id": "busybox-static-1.35.0-10.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-testsuite-1.35.0-10.3.1.aarch64",
                "product": {
                  "name": "busybox-testsuite-1.35.0-10.3.1.aarch64",
                  "product_id": "busybox-testsuite-1.35.0-10.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-warewulf3-1.35.0-10.3.1.aarch64",
                "product": {
                  "name": "busybox-warewulf3-1.35.0-10.3.1.aarch64",
                  "product_id": "busybox-warewulf3-1.35.0-10.3.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "busybox-1.35.0-10.3.1.i586",
                "product": {
                  "name": "busybox-1.35.0-10.3.1.i586",
                  "product_id": "busybox-1.35.0-10.3.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-static-1.35.0-10.3.1.i586",
                "product": {
                  "name": "busybox-static-1.35.0-10.3.1.i586",
                  "product_id": "busybox-static-1.35.0-10.3.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-testsuite-1.35.0-10.3.1.i586",
                "product": {
                  "name": "busybox-testsuite-1.35.0-10.3.1.i586",
                  "product_id": "busybox-testsuite-1.35.0-10.3.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-warewulf3-1.35.0-10.3.1.i586",
                "product": {
                  "name": "busybox-warewulf3-1.35.0-10.3.1.i586",
                  "product_id": "busybox-warewulf3-1.35.0-10.3.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "busybox-1.35.0-10.3.1.ppc64le",
                "product": {
                  "name": "busybox-1.35.0-10.3.1.ppc64le",
                  "product_id": "busybox-1.35.0-10.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-static-1.35.0-10.3.1.ppc64le",
                "product": {
                  "name": "busybox-static-1.35.0-10.3.1.ppc64le",
                  "product_id": "busybox-static-1.35.0-10.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-testsuite-1.35.0-10.3.1.ppc64le",
                "product": {
                  "name": "busybox-testsuite-1.35.0-10.3.1.ppc64le",
                  "product_id": "busybox-testsuite-1.35.0-10.3.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "busybox-1.35.0-10.3.1.s390",
                "product": {
                  "name": "busybox-1.35.0-10.3.1.s390",
                  "product_id": "busybox-1.35.0-10.3.1.s390"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-static-1.35.0-10.3.1.s390",
                "product": {
                  "name": "busybox-static-1.35.0-10.3.1.s390",
                  "product_id": "busybox-static-1.35.0-10.3.1.s390"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-testsuite-1.35.0-10.3.1.s390",
                "product": {
                  "name": "busybox-testsuite-1.35.0-10.3.1.s390",
                  "product_id": "busybox-testsuite-1.35.0-10.3.1.s390"
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "busybox-1.35.0-10.3.1.s390x",
                "product": {
                  "name": "busybox-1.35.0-10.3.1.s390x",
                  "product_id": "busybox-1.35.0-10.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-static-1.35.0-10.3.1.s390x",
                "product": {
                  "name": "busybox-static-1.35.0-10.3.1.s390x",
                  "product_id": "busybox-static-1.35.0-10.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-testsuite-1.35.0-10.3.1.s390x",
                "product": {
                  "name": "busybox-testsuite-1.35.0-10.3.1.s390x",
                  "product_id": "busybox-testsuite-1.35.0-10.3.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "busybox-1.35.0-10.3.1.x86_64",
                "product": {
                  "name": "busybox-1.35.0-10.3.1.x86_64",
                  "product_id": "busybox-1.35.0-10.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-static-1.35.0-10.3.1.x86_64",
                "product": {
                  "name": "busybox-static-1.35.0-10.3.1.x86_64",
                  "product_id": "busybox-static-1.35.0-10.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-testsuite-1.35.0-10.3.1.x86_64",
                "product": {
                  "name": "busybox-testsuite-1.35.0-10.3.1.x86_64",
                  "product_id": "busybox-testsuite-1.35.0-10.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "busybox-warewulf3-1.35.0-10.3.1.x86_64",
                "product": {
                  "name": "busybox-warewulf3-1.35.0-10.3.1.x86_64",
                  "product_id": "busybox-warewulf3-1.35.0-10.3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "busybox-1.35.0-10.3.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64"
        },
        "product_reference": "busybox-1.35.0-10.3.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "busybox-1.35.0-10.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le"
        },
        "product_reference": "busybox-1.35.0-10.3.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "busybox-1.35.0-10.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x"
        },
        "product_reference": "busybox-1.35.0-10.3.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "busybox-1.35.0-10.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64"
        },
        "product_reference": "busybox-1.35.0-10.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "busybox-1.35.0-10.3.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
          "product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
        },
        "product_reference": "busybox-1.35.0-10.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-42380",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2021-42380"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2021-42380",
          "url": "https://www.suse.com/security/cve/CVE-2021-42380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1192869 for CVE-2021-42380",
          "url": "https://bugzilla.suse.com/1192869"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-13T09:05:08Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2021-42380"
    },
    {
      "cve": "CVE-2023-42363",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-42363"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-42363",
          "url": "https://www.suse.com/security/cve/CVE-2023-42363"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217580 for CVE-2023-42363",
          "url": "https://bugzilla.suse.com/1217580"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-13T09:05:08Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-42363"
    },
    {
      "cve": "CVE-2023-42364",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-42364"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-42364",
          "url": "https://www.suse.com/security/cve/CVE-2023-42364"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217584 for CVE-2023-42364",
          "url": "https://bugzilla.suse.com/1217584"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-13T09:05:08Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-42364"
    },
    {
      "cve": "CVE-2023-42365",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-42365"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-42365",
          "url": "https://www.suse.com/security/cve/CVE-2023-42365"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1217585 for CVE-2023-42365",
          "url": "https://bugzilla.suse.com/1217585"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-13T09:05:08Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-42365"
    },
    {
      "cve": "CVE-2025-46394",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-46394"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-46394",
          "url": "https://www.suse.com/security/cve/CVE-2025-46394"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1241661 for CVE-2025-46394",
          "url": "https://bugzilla.suse.com/1241661"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-13T09:05:08Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-46394"
    },
    {
      "cve": "CVE-2025-60876",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-60876"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-60876",
          "url": "https://www.suse.com/security/cve/CVE-2025-60876"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1253245 for CVE-2025-60876",
          "url": "https://bugzilla.suse.com/1253245"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-13T09:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-60876"
    },
    {
      "cve": "CVE-2026-26157",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-26157"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that when extracted, and under specific conditions, may write to files outside the intended directory. This can lead to arbitrary file overwrite, potentially enabling code execution through the modification of sensitive system files.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-26157",
          "url": "https://www.suse.com/security/cve/CVE-2026-26157"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258163 for CVE-2026-26157",
          "url": "https://bugzilla.suse.com/1258163"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-13T09:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-26157"
    },
    {
      "cve": "CVE-2026-26158",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-26158"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to privilege escalation, enabling an attacker to gain unauthorized access to critical system files.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
          "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-26158",
          "url": "https://www.suse.com/security/cve/CVE-2026-26158"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1258167 for CVE-2026-26158",
          "url": "https://bugzilla.suse.com/1258167"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5-LTSS:busybox-1.35.0-10.3.1.x86_64",
            "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:busybox-1.35.0-10.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-03-13T09:05:08Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-26158"
    }
  ]
}

CVE-2023-42365 (GCVE-0-2023-42365)

Vulnerability from cvelistv5 – Published: 2023-11-27 00:00 – Updated: 2025-11-03 20:35

Summary

A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

https://bugs.busybox.net/show_bug.cgi?id=15871

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:35:59.563Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugs.busybox.net/show_bug.cgi?id=15871"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00012.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-27T22:24:42.955Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://bugs.busybox.net/show_bug.cgi?id=15871"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-42365",
    "datePublished": "2023-11-27T00:00:00.000Z",
    "dateReserved": "2023-09-08T00:00:00.000Z",
    "dateUpdated": "2025-11-03T20:35:59.563Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-26157 (GCVE-0-2026-26157)

Vulnerability from cvelistv5 – Published: 2026-02-11 20:27 – Updated: 2026-02-26 14:44

Title

Busybox: busybox: arbitrary file overwrite and potential code execution via incomplete path sanitization

Summary

A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that when extracted, and under specific conditions, may write to files outside the intended directory. This can lead to arbitrary file overwrite, potentially enabling code execution through the modification of sensitive system files.

Severity ?

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-73 - External Control of File Name or Path

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2026-26157	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2439039	issue-trackingx_refsource_REDHAT
	https://git.busybox.net/busybox/commit/archival?i…

Impacted products

	Vendor	Product	Version
	Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6

Date Public ?

2026-02-11 00:00

Credits

Red Hat would like to thank Calil Khalil (Hakal) for reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-26157",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-12T04:55:24.022631Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:23.512Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "busybox",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Calil Khalil (Hakal) for reporting this issue."
        }
      ],
      "datePublic": "2026-02-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that when extracted, and under specific conditions, may write to files outside the intended directory. This can lead to arbitrary file overwrite, potentially enabling code execution through the modification of sensitive system files."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-73",
              "description": "External Control of File Name or Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-12T15:39:51.727Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-26157"
        },
        {
          "name": "RHBZ#2439039",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439039"
        },
        {
          "url": "https://git.busybox.net/busybox/commit/archival?id=3fb6b31c716669e12f75a2accd31bb7685b1a1cb"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-02-11T17:54:52.728Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-02-11T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Busybox: busybox: arbitrary file overwrite and potential code execution via incomplete path sanitization",
      "workarounds": [
        {
          "lang": "en",
          "value": "As a prevention measure, avoid extracting archives from untrusted sources using BusyBox utilities. If extraction of untrusted archives is necessary, perform it within a highly isolated and restricted environment, such as a container with a read-only root filesystem and minimal privileges, to limit the potential impact of arbitrary file overwrites."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-73: External Control of File Name or Path"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-26157",
    "datePublished": "2026-02-11T20:27:06.196Z",
    "dateReserved": "2026-02-11T17:05:41.991Z",
    "dateUpdated": "2026-02-26T14:44:23.512Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-26158 (GCVE-0-2026-26158)

Vulnerability from cvelistv5 – Published: 2026-02-11 20:27 – Updated: 2026-02-26 14:44

Title

Busybox: busybox: arbitrary file modification and privilege escalation via unvalidated tar archive entries

Summary

A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to privilege escalation, enabling an attacker to gain unauthorized access to critical system files.

Severity ?

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-73 - External Control of File Name or Path

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/security/cve/CVE-2026-26158	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2439040	issue-trackingx_refsource_REDHAT
	https://git.busybox.net/busybox/commit/archival?i…

Impacted products

	Vendor	Product	Version
	Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6

Date Public ?

2026-02-11 00:00

Credits

Red Hat would like to thank Calil Khalil (Hakal) for reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-26158",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-12T04:55:24.841610Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T14:44:23.355Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "busybox",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Calil Khalil (Hakal) for reporting this issue."
        }
      ],
      "datePublic": "2026-02-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to privilege escalation, enabling an attacker to gain unauthorized access to critical system files."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-73",
              "description": "External Control of File Name or Path",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-12T15:39:53.620Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-26158"
        },
        {
          "name": "RHBZ#2439040",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439040"
        },
        {
          "url": "https://git.busybox.net/busybox/commit/archival?id=3fb6b31c716669e12f75a2accd31bb7685b1a1cb"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-02-11T18:09:00.001Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-02-11T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Busybox: busybox: arbitrary file modification and privilege escalation via unvalidated tar archive entries",
      "workarounds": [
        {
          "lang": "en",
          "value": "As a prevention measure, avoid extracting tar archives from untrusted sources using BusyBox, especially when operating with elevated privileges. If processing untrusted archives is unavoidable, ensure that the extraction process is performed within a strictly sandboxed environment with minimal permissions. This operational control reduces the risk of arbitrary file modification and privilege escalation."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-73: External Control of File Name or Path"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-26158",
    "datePublished": "2026-02-11T20:27:06.979Z",
    "dateReserved": "2026-02-11T17:05:41.991Z",
    "dateUpdated": "2026-02-26T14:44:23.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-42364 (GCVE-0-2023-42364)

Vulnerability from cvelistv5 – Published: 2023-11-27 00:00 – Updated: 2025-11-03 20:35

Summary

A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CWE

Assigner

mitre

References

URL

Tags

https://bugs.busybox.net/show_bug.cgi?id=15868

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:35:58.179Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugs.busybox.net/show_bug.cgi?id=15868"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00012.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-42364",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-10T20:28:22.651369Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-416",
                "description": "CWE-416 Use After Free",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-10T20:29:03.776Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-27T22:16:27.514Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://bugs.busybox.net/show_bug.cgi?id=15868"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-42364",
    "datePublished": "2023-11-27T00:00:00.000Z",
    "dateReserved": "2023-09-08T00:00:00.000Z",
    "dateUpdated": "2025-11-03T20:35:58.179Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-60876 (GCVE-0-2025-60876)

Vulnerability from cvelistv5 – Published: 2025-11-10 00:00 – Updated: 2025-11-12 20:47

Summary

BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20).

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CWE

Assigner

mitre

References

URL

Tags

	https://lists.busybox.net/pipermail/busybox/attac…
	https://lists.busybox.net/pipermail/busybox/attac…
	https://gist.github.com/subyumatest/41554af6a72ae…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-60876",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-12T20:45:24.977696Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-284",
                "description": "CWE-284 Improper Access Control",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-12T20:47:02.144Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0 control bytes in the HTTP request-target (path/query), allowing the request line to be split and attacker-controlled headers to be injected. To preserve the HTTP/1.1 request-line shape METHOD SP request-target SP HTTP/1.1, a raw space (0x20) in the request-target must also be rejected (clients should use %20)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-10T19:49:21.240Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://lists.busybox.net/pipermail/busybox/attachments/20250823/ccdc96ef/attachment-0001.htm"
        },
        {
          "url": "https://lists.busybox.net/pipermail/busybox/attachments/20250828/e7f90492/attachment.htm"
        },
        {
          "url": "https://gist.github.com/subyumatest/41554af6a72aedaacaec026adc311092"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-60876",
    "datePublished": "2025-11-10T00:00:00.000Z",
    "dateReserved": "2025-09-26T00:00:00.000Z",
    "dateUpdated": "2025-11-12T20:47:02.144Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-42363 (GCVE-0-2023-42363)

Vulnerability from cvelistv5 – Published: 2023-11-27 00:00 – Updated: 2024-08-02 19:16

Summary

A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

https://bugs.busybox.net/show_bug.cgi?id=15865

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:16:50.975Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugs.busybox.net/show_bug.cgi?id=15865"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-11-27T21:53:07.527Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://bugs.busybox.net/show_bug.cgi?id=15865"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-42363",
    "datePublished": "2023-11-27T00:00:00.000Z",
    "dateReserved": "2023-09-08T00:00:00.000Z",
    "dateUpdated": "2024-08-02T19:16:50.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-42380 (GCVE-0-2021-42380)

Vulnerability from cvelistv5 – Published: 2021-11-15 00:00 – Updated: 2025-11-03 20:34

Summary

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function

Severity ?

7.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-416

Assigner

JFROG

References

URL

Tags

	https://jfrog.com/blog/unboxing-busybox-14-new-vu…
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://security.netapp.com/advisory/ntap-2021122…
	https://claroty.com/team82/research/unboxing-busy…

Impacted products

	Vendor	Product	Version
	busybox	busybox	Affected: unspecified , < 1.34.0 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:34:08.357Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/"
          },
          {
            "name": "FEDORA-2021-5a95823596",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/"
          },
          {
            "name": "FEDORA-2021-c52c0fe490",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20211223-0002/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00012.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.2,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "HIGH",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2021-42380",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T13:32:07.611047Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T19:23:48.668Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "busybox",
          "vendor": "busybox",
          "versions": [
            {
              "lessThan": "1.34.0",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free in Busybox\u0027s awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "CWE-416",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-25T00:00:00.000Z",
        "orgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
        "shortName": "JFROG"
      },
      "references": [
        {
          "url": "https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/"
        },
        {
          "name": "FEDORA-2021-5a95823596",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/"
        },
        {
          "name": "FEDORA-2021-c52c0fe490",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20211223-0002/"
        },
        {
          "url": "https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "48a46f29-ae42-4e1d-90dd-c1676c1e5e6d",
    "assignerShortName": "JFROG",
    "cveId": "CVE-2021-42380",
    "datePublished": "2021-11-15T00:00:00.000Z",
    "dateReserved": "2021-10-14T00:00:00.000Z",
    "dateUpdated": "2025-11-03T20:34:08.357Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-46394 (GCVE-0-2025-46394)

Vulnerability from cvelistv5 – Published: 2025-04-23 00:00 – Updated: 2025-04-24 20:03

Summary

In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.

Severity ?

3.2 (Low)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE

CWE-451 - User Interface (UI) Misrepresentation of Critical Information

Assigner

mitre

References

URL

Tags

	https://bugs.busybox.net/show_bug.cgi?id=16018
	https://www.busybox.net/downloads/
	https://www.busybox.net

Impacted products

	Vendor	Product	Version
	BusyBox	BusyBox	Affected: 0 , ≤ 1.37.0 (semver)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-46394",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T15:43:05.329877Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T15:43:19.302Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-04-24T20:03:24.126Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/04/23/5"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/04/24/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "BusyBox",
          "vendor": "BusyBox",
          "versions": [
            {
              "lessThanOrEqual": "1.37.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*",
                  "versionEndIncluding": "1.37.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-451",
              "description": "CWE-451 User Interface (UI) Misrepresentation of Critical Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-04-23T15:31:01.192Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://bugs.busybox.net/show_bug.cgi?id=16018"
        },
        {
          "url": "https://www.busybox.net/downloads/"
        },
        {
          "url": "https://www.busybox.net"
        }
      ],
      "x_generator": {
        "engine": "enrichogram 0.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-46394",
    "datePublished": "2025-04-23T00:00:00.000Z",
    "dateReserved": "2025-04-23T00:00:00.000Z",
    "dateUpdated": "2025-04-24T20:03:24.126Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

SUSE-SU-2026:0892-1

CVE-2023-42365 (GCVE-0-2023-42365)

CVE-2026-26157 (GCVE-0-2026-26157)

CVE-2026-26158 (GCVE-0-2026-26158)

CVE-2023-42364 (GCVE-0-2023-42364)

CVE-2025-60876 (GCVE-0-2025-60876)

CVE-2023-42363 (GCVE-0-2023-42363)

CVE-2021-42380 (GCVE-0-2021-42380)

CVE-2025-46394 (GCVE-0-2025-46394)

Tags

Sightings

Nomenclature