CVE-2021-42376
15.11.2021, 21:15
A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| busybox | busybox | 1.16.0 ≤ 𝑥 < 1.34.0 |
| netapp | cloud_backup | - |
| netapp | hci_management_node | - |
| netapp | solidfire | - |
| netapp | h300s_firmware | - |
| netapp | h500s_firmware | - |
| netapp | h700s_firmware | - |
| netapp | h300e_firmware | - |
| netapp | h500e_firmware | - |
| netapp | h700e_firmware | - |
| netapp | h410s_firmware | - |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| busybox |
| ||||||||||||||||||||||||||||||||||||||
| busybox-static |
|
Common Weakness Enumeration
References