MGASA-2012-0171
| Date: | July 19th, 2012 |
| Affected releases: | 1 |
Description:
Updated busybox packages fix security vulnerabilities:
A buffer underflow flaw was found in the way the uncompress utility of
BusyBox expanded certain archive files compressed using Lempel-Ziv
compression. If a user were tricked into expanding a specially-crafted
archive file with uncompress, it could cause BusyBox to crash or,
potentially, execute arbitrary code with the privileges of the user
running BusyBox (CVE-2006-1168).
The BusyBox DHCP client, udhcpc, did not sufficiently sanitize certain
options provided in DHCP server replies, such as the client hostname. A
malicious DHCP server could send such an option with a specially-crafted
value to a DHCP client. If this option's value was saved on the client
system, and then later insecurely evaluated by a process that assumes the
option is trusted, it could lead to arbitrary code execution with the
privileges of that process. Note: udhcpc is not used on Red Hat Enterprise
Linux by default, and no DHCP client script is provided with the busybox
packages (CVE-2011-2716).
Updated Packages:
busybox-1.18.4-1.1.mga1
busybox-static-1.18.4-1.1.mga1
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2716
https://rhn.redhat.com/errata/RHSA-2012-0810.html
https://bugs.mageia.org/show_bug.cgi?id=6673
