ELS for OS
- CVEs
- Releases
- Projects
- Documentation
Live Patches
- CVEs
- Documentation
ELS for Languages
- CVEs
- Releases
- Projects
- Documentation

CVE-2021-28831

Updated: 2022-05-25 08:14:31.473033

Description:

decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.

Links	NIST	CIRCL	RHEL	Ubuntu

Severity

	Severity	Score
CVSS Version 2.x	MEDIUM	5
CVSS Version 3.x	HIGH	7.5

Status

OS name	Project name	Version	Score	Severity	Status	Errata	Last updated
CentOS 6 ELS	busybox	1.15.1	7.5	HIGH	Not Vulnerable		2021-12-16 10:40:02
CloudLinux 6 ELS	busybox	1.15.1	7.5	HIGH	Not Vulnerable		2021-12-16 10:40:02
Oracle Linux 6 ELS	busybox	1.15.1	7.5	HIGH	Not Vulnerable		2021-12-16 10:40:02
Ubuntu 16.04 ELS	busybox	1.22.0	7.5	HIGH	Released	CLSA-2021:1635459154	2021-12-16 10:40:02