CVE Vulnerabilities

CVE-2021-28831

This vulnerability is marked as RESERVED by NVD. This means that the CVE-ID is reserved for future use by the CVE Numbering Authority (CNA) or a security researcher, but the details of it are not yet publicly available yet.

This page will reflect the classification results once they are available through NVD.

Any vendor information available is shown as below.

Redhat

CVE-2021-28831 busybox: invalid free or segmentation fault via malformed gzip data

Ubuntu

decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.

Affected Software List

NameVendorVersion
BusyboxUbuntu/groovyreached end-of-life
BusyboxUbuntu/hirsute
BusyboxUbuntu/xenialend of standard support, was needed
BusyboxUbuntu/bionic
BusyboxUbuntu/esm-infra/xenial
BusyboxUbuntu/precise/esmend of ESM support, was needs-triage
BusyboxUbuntu/trustyout of standard support
BusyboxUbuntu/trusty/esmTBD
BusyboxUbuntu/devel
BusyboxUbuntu/focal