Total vulnerabilities in the database
decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data.
Software | From | Fixed in |
---|---|---|
busybox / busybox | 1.32.0 | 1.32.1.x |
fedoraproject / fedora | 32 | 32.x |
fedoraproject / fedora | 33 | 33.x |
fedoraproject / fedora | 34 | 34.x |
debian / debian_linux | 9.0 | 9.0.x |