busybox: fix CVE-2022-28391 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Steve Sakoman <steve@sakoman.com>	2022-04-18 09:04:07 -1000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-04-19 14:02:13 +0100
commit	8f48f1014f90c3ceacd8be367c209f941a3622ba (patch)
tree	71bbf93b63bc0163e98d4b13f2270cc151c2e976 /scripts/sysroot-relativelinks.py
parent	57a32692b7e34002c1475763f3b90650b595b851 (diff)
download	poky-8f48f1014f90c3ceacd8be367c209f941a3622ba.tar.gz

busybox: fix CVE-2022-28391

BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors. https://nvd.nist.gov/vuln/detail/CVE-2022-28391 (From OE-Core rev: 3e17df4cd17c132dc7732ebd3d1c80c81c85bcc4) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'scripts/sysroot-relativelinks.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: