ALAS-2022-1608

Related Vulnerabilities: CVE-2022-28391  


Amazon Linux AMI Security Advisory: ALAS-2022-1608
Advisory Release Date: 2022-06-30 23:38 Pacific
Advisory Updated Date: 2022-07-06 23:56 Pacific
Severity: Medium
References: CVE-2022-28391 

Issue Overview:

An escape sequence injection attack was found in BusyBox on Alpine. For this issue to occur, a remote host's virtual terminal must contain an escape sequence, and the victim must then execute netstat. This flaw allows an attacker to inject arbitrary code, leading to a loss of integrity. (CVE-2022-28391)
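
The general defence against this class of flaw is to neutralise control bytes in any remotely supplied name before it is written to a terminal. The following is an added example, not code from BusyBox or from this advisory; the function name sanitize_for_tty and the sample host name are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * Copy an untrusted name (e.g. a reverse-DNS result) into out, rewriting
 * every byte outside printable ASCII (0x20..0x7e) as \xNN and doubling
 * backslashes so the result is unambiguous. Output is always NUL-terminated
 * and an escape is never split when the buffer runs out.
 * Returns the number of input bytes rewritten, so callers can log the event.
 */
size_t sanitize_for_tty(const char *in, char *out, size_t outsz)
{
    static const char hex[] = "0123456789abcdef";
    size_t o = 0, rewritten = 0;

    if (outsz == 0)
        return 0;
    for (; *in != '\0'; in++) {
        unsigned char c = (unsigned char)*in;
        if (c == '\\') {
            if (o + 2 >= outsz) break;      /* keep room for the NUL */
            out[o++] = '\\';
            out[o++] = '\\';
        } else if (c >= 0x20 && c <= 0x7e) {
            if (o + 1 >= outsz) break;
            out[o++] = (char)c;
        } else {                            /* ESC, CSI, other control/high bytes */
            if (o + 4 >= outsz) break;
            out[o++] = '\\';
            out[o++] = 'x';
            out[o++] = hex[c >> 4];
            out[o++] = hex[c & 0x0f];
            rewritten++;
        }
    }
    out[o] = '\0';
    return rewritten;
}

int main(void)
{
    /* Constructed sample: a resolved name carrying an SGR colour sequence. */
    const char *name = "host\x1b[31m.example.test";
    char safe[64];
    size_t n = sanitize_for_tty(name, safe, sizeof safe);
    printf("%s (%zu of %zu bytes rewritten)\n", safe, n, strlen(name));
    return 0;
}
```

A non-zero return value is worth logging, since legitimate host names do not contain control bytes.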


Affected Packages:

busybox


Issue Correction:
Run yum update busybox to update your system.

New Packages:
i686:
    busybox-petitboot-1.34.1-1.14.amzn1.i686
    busybox-debuginfo-1.34.1-1.14.amzn1.i686
    busybox-1.34.1-1.14.amzn1.i686

src:
    busybox-1.34.1-1.14.amzn1.src

x86_64:
    busybox-petitboot-1.34.1-1.14.amzn1.x86_64
    busybox-1.34.1-1.14.amzn1.x86_64
    busybox-debuginfo-1.34.1-1.14.amzn1.x86_64