Lucene search
SuseOPENSUSE-SU-2021:3531-1HistoryOct 27, 2021 - 12:00 a.m.
Security update for busybox (important)
2021-10-2700:00:00
lists.opensuse.org
20
0.013 Low
EPSS
Percentile
85.7%
An update that fixes 5 vulnerabilities is now available.
Description:
This update for busybox fixes the following issues:
- CVE-2021-28831: Fixed invalid free or segmentation fault via malformed
gzip data (bsc#1184522). - CVE-2018-20679: Fixed out of bounds read in udhcp (bsc#1121426).
- CVE-2018-1000517: Fixed buffer overflow in the retrieve_file_data()
(bsc#1099260). - CVE-2011-5325: Fixed a directory traversal related to ‘tar’ command
(bsc#951562). - CVE-2018-1000500: Fixed missing SSL certificate validation related to
the ‘wget’ command (bsc#1099263).
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2021-3531=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.3 | aarch64 | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.aarch64.rpm | |
| openSUSE Leap | 15.3 | ppc64le | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm | |
| openSUSE Leap | 15.3 | s390x | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.s390x.rpm | |
| openSUSE Leap | 15.3 | x86_64 | < - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64): | - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.x86_64.rpm |
Related
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2021:3531-1)
2021-10-28 00:00:00
openSUSE: Security Advisory for busybox (openSUSE-SU-2021:1408-1)
2021-11-01 00:00:00
openSUSE: Security Advisory for busybox (openSUSE-SU-2021:3531-1)
2021-10-28 00:00:00
suse
suse
Security update for busybox (important)
2021-10-31 00:00:00
Security update for busybox (important)
2022-05-18 00:00:00
nessus
nessus
openSUSE 15 Security Update : busybox (openSUSE-SU-2021:1408-1)
2021-11-01 00:00:00
openSUSE 15 Security Update : busybox (openSUSE-SU-2021:3531-1)
2021-10-28 00:00:00
SUSE SLED15 / SLES15 Security Update : busybox (SUSE-SU-2021:3531-1)
2021-10-28 00:00:00
cloudfoundry
cloudfoundry
USN-4531-1: BusyBox vulnerability | Cloud Foundry
2020-11-19 00:00:00
USN-3935-1: BusyBox vulnerabilities | Cloud Foundry
2019-04-12 00:00:00
USN-5179-1: BusyBox vulnerabilities | Cloud Foundry
2022-01-20 00:00:00
ubuntu
ubuntu
BusyBox vulnerability
2020-09-22 00:00:00
BusyBox vulnerability
2022-05-10 00:00:00
BusyBox vulnerabilities
2019-04-03 00:00:00
nvd
nvd
CVE-2018-1000500
2018-06-26 16:29:00
CVE-2018-1000517
2018-06-26 16:29:01
CVE-2011-5325
2017-08-07 17:29:00
prion
prion
Input validation
2018-06-26 16:29:00
Heap overflow
2018-06-26 16:29:00
Directory traversal
2017-08-07 17:29:00
checkpoint_advisories
checkpoint_advisories
BusyBox Project BusyBox udhcp Option Out of Bounds Read (CVE-2018-20679)
2019-02-24 00:00:00
cbl_mariner
cbl_mariner
CVE-2018-1000500 affecting package busybox 1.31.1-3
2021-04-06 23:50:06
CVE-2021-28831 affecting package busybox 1.32.0-2
2021-04-06 23:50:06
CVE-2021-28831 affecting package busybox for versions less than 1.32.0-2
2022-04-09 06:51:46
cve
cve
CVE-2018-1000500
2018-06-26 16:29:00
CVE-2011-5325
2017-08-07 17:29:00
CVE-2018-1000517
2018-06-26 16:29:01
debiancve
debiancve
CVE-2018-1000517
2018-06-26 16:29:01
CVE-2011-5325
2017-08-07 17:29:00
CVE-2018-1000500
2018-06-26 16:29:00
osv
osv
busybox vulnerability
2020-09-22 13:57:23
CVE-2018-1000500
2018-06-26 16:29:00
CVE-2018-1000517
2018-06-26 16:29:01
mageia
mageia
Updated busybox packages fix a security vulnerability
2021-01-08 18:34:55
Updated busybox packages fix security vulnerability
2021-07-04 05:13:55
cvelist
cvelist
CVE-2018-1000500
2018-06-26 16:00:00
CVE-2018-1000517
2018-06-26 16:00:00
CVE-2011-5325
2017-08-07 17:00:00
redhatcve
redhatcve
CVE-2018-1000500
2018-06-27 08:49:33
CVE-2018-1000517
2018-06-27 08:19:00
CVE-2018-20679
2019-01-16 10:49:28
ubuntucve
ubuntucve
CVE-2018-1000500
2018-06-26 00:00:00
CVE-2018-1000517
2018-06-26 00:00:00
CVE-2011-5325
2017-08-07 00:00:00
alpinelinux
alpinelinux
CVE-2018-1000500
2018-06-26 16:29:00
CVE-2018-20679
2019-01-09 16:29:00
CVE-2021-28831
2021-03-19 05:15:13
debian
debian
[SECURITY] [DLA 1445-3] busybox regression update
2018-08-03 05:18:30
[SECURITY] [DLA 2614-1] busybox security update
2021-04-01 21:59:52
[SECURITY] [DLA 1445-1] busybox security update
2018-07-27 04:39:37
veracode
veracode
Arbitrry Code Execution
2020-09-21 06:27:33
Directory Traversal
2021-02-15 22:51:22
Information Disclosure
2020-09-21 06:27:41
archlinux
archlinux
[ASA-202103-11] mkinitcpio-busybox: denial of service
2021-03-25 00:00:00
[ASA-202103-12] busybox: denial of service
2021-03-25 00:00:00
amazon
amazon
Medium: busybox
2021-05-06 19:11:00
ibm
ibm
fedora
fedora
[SECURITY] Fedora 33 Update: busybox-1.32.1-1.fc33
2021-03-31 01:15:43
[SECURITY] Fedora 32 Update: busybox-1.32.1-1.fc32
2021-04-01 01:55:13
[SECURITY] Fedora 34 Update: busybox-1.33.0-3.fc34
2021-03-27 00:18:36
gentoo
gentoo
BusyBox: Denial of service
2021-05-26 00:00:00
ics
ics
Advantech Spectre RT Industrial Routers
2021-02-23 12:00:00
Siemens SIMATIC S7-1500 TM MFP BIOS
2023-06-15 12:00:00
packetstorm
packetstorm
ZTE Mobile Hotspot MS910S Backdoor / Hardcoded Password
2020-08-27 00:00:00
Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
2019-09-04 00:00:00
avleonov
avleonov