15829 – Memory vulnerabilities in awk and sed

Bug 15829 - Memory vulnerabilities in awk and sed

Summary: Memory vulnerabilities in awk and sed

Status:	NEW

Alias:	None

Product:	Busybox
Classification:	Unclassified
Component:	Other (show other bugs)
Version:	unspecified
Hardware:	All Linux

Importance:	P5 critical
Target Milestone:	---
Assignee:	unassigned

URL:
Keywords:

Depends on:
Blocks:

Reported:	2023-10-26 14:08 UTC by Tuba Yavuz
Modified:	2023-10-26 14:08 UTC (History)
CC List:	1 user (show)

See Also:
Host:
Target:
Build:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tuba Yavuz 2023-10-26 14:08:57 UTC

Hello,

Our research group has found some exploitable vulnerabilities in BusyBox 1.36.0 using the AFL fuzzer. We used the defconfig as well as several configuration files generated by our own tool. We will provide all the details. However, we wonder if this is a secure channel to discuss the vulnerabilities. Please let us know. Thanks.

Tuba

Format For Printing
- XML
- Clone This Bug
- Top of page