git.openwrt.org Git - openwrt/staging/dedeckeh.git/commit

projects / openwrt / staging / dedeckeh.git / commit

author	Hauke Mehrtens <hauke@hauke-m.de>
	Tue, 1 Nov 2022 14:23:17 +0000 (15:23 +0100)
committer	Hauke Mehrtens <hauke@hauke-m.de>
	Sat, 5 Nov 2022 21:07:09 +0000 (22:07 +0100)
commit	8b383ee2a0d21144258346ad39006fc499d04b4f
tree	ea644572a8fc693e84f995d30189a6ccbcb5910d	tree \| snapshot
parent	002a99eccd75fb653163bae0a1132bd4f494e7ad	commit \| diff

busybox: awk: fix use after free (CVE-2022-30065)

This backports a commit which fixes a use after free bug in awk.

CVE-2022-30065 description:
A use-after-free in Busybox 1.35-x's awk applet leads to denial of
service and possibly code execution when processing a crafted awk
pattern in the copyvar function.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

package/utils/busybox/patches/001-CVE-2022-30065-awk-fix-use-after-free.patch

[new file with mode: 0644]

blob

Staging tree of dedeckeh

RSS Atom