Headline
CVE-2023-42363: Invalid Bug ID
A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1.
‘15865?cve=title’ is not a valid bug number nor an alias to a bug.
Please press Back and try again.
Related news
Ubuntu Security Notice 6961-1 - It was discovered that BusyBox did not properly validate user input when performing certain arithmetic operations. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. It was discovered that BusyBox incorrectly managed memory when evaluating certain awk expressions. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS.