Busybox
CVEs (24)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-16544 | High | 0.57 | 8.8 | 0.03 | | Nov 20, 2017 | In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. |
| CVE-2011-5325 | High | 0.49 | 7.5 | 0.04 | | Aug 7, 2017 | Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink. |
| CVE-2016-6301 | High | 0.49 | 7.5 | 0.03 | | Dec 9, 2016 | The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a communication loop. |
| CVE-2017-15873 | Medium | 0.36 | 5.5 | 0.00 | | Oct 24, 2017 | The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. |
| CVE-2014-9645 | Medium | 0.36 | 5.5 | 0.00 | | Mar 12, 2017 | The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / (slash) character in a module name, as demonstrated by an "ifconfig /usbserial up" command or a "mount -t /snd_pcm none /" command. |
| CVE-2006-1058 | Medium | 0.36 | 5.5 | 0.00 | | Apr 4, 2006 | BusyBox 1.1.1 does not use a salt when generating passwords, which makes it easier for local users to guess passwords from a stolen password file using techniques such as rainbow tables. |
| CVE-2017-15874 | Medium | 0.33 | 5.0 | 0.00 | | Oct 24, 2017 | archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an Integer Underflow that leads to a read access violation. |
| CVE-2025-46394 | | 0.00 | — | 0.00 | | Apr 23, 2025 | In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. |
| CVE-2021-42382 | | 0.00 | — | 0.00 | | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function |
| CVE-2021-42379 | | 0.00 | — | 0.00 | | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function |
| CVE-2021-42381 | | 0.00 | — | 0.00 | | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function |
| CVE-2021-42383 | | 0.00 | — | 0.00 | | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function |
| CVE-2021-42373 | | 0.00 | — | 0.00 | | Nov 15, 2021 | A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given |
| CVE-2021-42385 | | 0.00 | — | 0.00 | | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function |
| CVE-2021-42377 | | 0.00 | — | 0.03 | | Nov 15, 2021 | An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditions of filtered command input. |
| CVE-2021-42384 | | 0.00 | — | 0.00 | | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function |
| CVE-2021-42386 | | 0.00 | — | 0.00 | | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function |
| CVE-2021-42375 | | 0.00 | — | 0.00 | | Nov 15, 2021 | An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input. |
| CVE-2021-42374 | | 0.00 | — | 0.00 | | Nov 15, 2021 | An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that |
| CVE-2021-42376 | | 0.00 | — | 0.00 | | Nov 15, 2021 | A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input. |