[Bug 15216] There is a stack overflower in ash of busybox. Here is asan report.
bugzilla at busybox.net
bugzilla at busybox.net
Wed Mar 6 21:49:18 UTC 2024
https://bugs.busybox.net/show_bug.cgi?id=15216
--- Comment #5 from John Ata <john.ata at baesystems.com> ---
It seems that 1.36.1 did not have the patch that fixes the problem even though
the bug was marked as resolved fixed. I suspect that the various symbol
definitions just moved things on the stack to sometimes cause problems with the
incorrect allocation size. So I wonder why the CVE was marked as fixed in 1.35.
--
You are receiving this mail because:
You are on the CC list for the bug.
More information about the busybox-cvs
mailing list