Published: 22/08/2023 Updated: 28/08/2023

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 0

There is a stack overflow vulnerability in ash.c:6030 in busybox prior to 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.

Vulnerable Product	Search on Vulmon	Subscribe to Product
busybox busybox

Debian Bug report logs - #1059049 busybox: CVE-2022-48174 Package: src:busybox; Maintainer for src:busybox is Debian Install System Team <debian-boot@listsdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Tue, 19 Dec 2023 21:21:01 UTC Severity: important Tags: security, upstream Forwarded to ht ...

There is a stack overflow vulnerability in ashc:6030 in busybox before 135 In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution (CVE-2022-48174) ...

DescriptionThe MITRE CVE dictionary describes this issue as: There is a stack overflow vulnerability in ashc:6030 in busybox before 135 In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution ...

SBOM-CLI tool Please download the vulnerability-reports folder and place it in SBOM-CLI module: vulnerability-reports directory can be downloaded from here This also contains all the (National Vulnerability Database)NVD CPE/CWE data (recommended) Clone the repository git clone git@githubcom:nqminds/sbom-cligit Ensure node and npm a

CWE-787 https://bugs.busybox.net/show_bug.cgi?id=15216 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059049 https://nvd.nist.gov https://alas.aws.amazon.com/ALAS-2023-1832.html

CVE-2022-48174

Vulnerability Summary

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect