It was discovered that BusyBox incorrectly handled certain malformed gzip
archives. If a user or automated system were tricked into processing a
specially crafted gzip archive, a remote attacker could use this issue to
cause BusyBox to crash, resulting in a denial of service, or execute
arbitrary code. This issue only affected Ubuntu 14.04 LTS.
(CVE-2021-28831)
It was discovered that BusyBox did not properly validate user input when
performing certain arithmetic operations. If a user or automated system
were tricked into processing a specially crafted file, an attacker could
possibly use this issue to cause BusyBox to crash, resulting in a denial
of service, or execute arbitrary code. (CVE-2022-48174)
More Stories
xz-5.8.1-1.fc40
FEDORA-2025-258ab1c008 Packages in this update: xz-5.8.1-1.fc40 Update description: New upstream version 5.8.1 Read More
xz-5.8.1-1.fc41
FEDORA-2025-fec4b37bc7 Packages in this update: xz-5.8.1-1.fc41 Update description: New upstream version 5.8.1 Read More
xz-5.8.1-1.fc42
FEDORA-2025-76264ecf04 Packages in this update: xz-5.8.1-1.fc42 Update description: New upstream version 5.8.1 Read More
USN-7414-1: XZ Utils vulnerability
Harri K. Koskinen discovered that XZ Utils incorrectly handled the threaded xz decoder. If a user or automated system were...
chromium-135.0.7049.52-2.fc40
FEDORA-2025-609ed3aaa7 Packages in this update: chromium-135.0.7049.52-2.fc40 Update description: Update to 135.0.7049.52 High CVE-2025-3066: Use after free in Navigations Medium CVE-2025-3067:...
chromium-135.0.7049.52-1.fc41
FEDORA-2025-98dd4c4639 Packages in this update: chromium-135.0.7049.52-1.fc41 Update description: Update to 135.0.7049.52 High CVE-2025-3066: Use after free in Navigations Medium CVE-2025-3067:...