Vulnerability Details : CVE-2021-42379

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function

Vulnerability category: Memory CorruptionDenial of service

Published 2021-11-15 21:15:08

Updated 2023-04-25 21:15:10

Source JFrog

View at NVD, CVE.org

Threat overview for CVE-2021-42379

Top countries where our scanners detected CVE-2021-42379

Top open port discovered on systems with this issue 443

IPs affected by CVE-2021-42379 354,970

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2021-42379!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2021-42379

Probability of exploitation activity in the next 30 days: 0.24%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 62 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2021-42379

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
6.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:P	8.0	6.4	nvd@nist.gov
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
7.2	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	1.2	5.9	nvd@nist.gov
Attack Vector: Network Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2021-42379

CWE-416 Use After Free

Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
Assigned by:
- nvd@nist.gov (Primary)
- reefs@jfrog.com (Secondary)

References for CVE-2021-42379

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UQXGOGWBIYWOIVXJVRKHZR34UMEHQBXS/

[SECURITY] Fedora 33 Update: busybox-1.34.1-1.fc33 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory

CVEs referencing this url
https://security.netapp.com/advisory/ntap-20211223-0002/

November 2021 BusyBox Vulnerabilities in NetApp Products | NetApp Product Security
Third Party Advisory

CVEs referencing this url
https://claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-claroty-jfrog

Unboxing BusyBox: 14 Vulnerabilities Uncovered by Claroty, JFrog | Claroty

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T2TURBYYJGBMQTTN2DSOAIQGP7WCPGV/

[SECURITY] Fedora 34 Update: busybox-1.34.1-1.fc34 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory

CVEs referencing this url
https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/

Unboxing BusyBox - 14 new vulnerabilities uncovered by Claroty and JFrog | JFrog
Third Party Advisory

CVEs referencing this url

Products affected by CVE-2021-42379

Busybox » Busybox
Versions from including (>=) 1.18.0 and up to, including, (<=) 1.33.1
cpe:2.3:a:busybox:busybox:*:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 33
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 34
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*
Matching versions