[Bug 15216] There is a stack overflower in ash of busybox. Here is asan report.

bugzilla at busybox.net bugzilla at busybox.net
Wed Mar 6 21:49:18 UTC 2024


https://bugs.busybox.net/show_bug.cgi?id=15216

--- Comment #5 from John Ata <john.ata at baesystems.com> ---
It seems that 1.36.1 did not have the patch that fixes the problem even though
the bug was marked as resolved fixed. I suspect that the various symbol
definitions just moved things on the stack to sometimes cause problems with the
incorrect allocation size. So I wonder why the CVE was marked as fixed in 1.35.

-- 
You are receiving this mail because:
You are on the CC list for the bug.


More information about the busybox-cvs mailing list