VYPR
Unrated severityNVD Advisory· Published Nov 15, 2021· Updated Aug 4, 2024

CVE-2021-42377

CVE-2021-42377

Description

An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditions of filtered command input.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

37

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.