A NULL pointer dereference in Busyboxs hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input.
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Busybox | Busybox | 1.16.0 (including) | 1.34.0 (excluding) |
Busybox | Ubuntu | trusty | * |
Busybox | Ubuntu | upstream | * |
Busybox | Ubuntu | xenial | * |