USN-6335-1: BusyBox vulnerabilities

Read Time:34 Second

It was discovered that BusyBox incorrectly handled certain malformed gzip
archives. If a user or automated system were tricked into processing a
specially crafted gzip archive, a remote attacker could use this issue to
cause BusyBox to crash, resulting in a denial of service, or execute
arbitrary code. This issue only affected Ubuntu 14.04 LTS.
(CVE-2021-28831)

It was discovered that BusyBox did not properly validate user input when
performing certain arithmetic operations. If a user or automated system
were tricked into processing a specially crafted file, an attacker could
possibly use this issue to cause BusyBox to crash, resulting in a denial
of service, or execute arbitrary code. (CVE-2022-48174)

Major Online Platform for Child Exploitation Dismantled

CrushFTP Vulnerability Exploited Following Disclosure Issues

HellCat ransomware: what you need to know

Amateur Hacker Leverages Russian Bulletproof Hosting Server to Spread Malware

Web 3.0 Requires Data Integrity

Sensitive Data Breached in Highline Schools Ransomware Incident

Over Half of Attacks on Electricity and Water Firms Are Destructive

Nearly 600 Phishing Domains Emerge Following Bybit Heist

CISO: Chief Cybersecurity Warrior Leader

USN-6335-1: BusyBox vulnerabilities

xz-5.8.1-1.fc40

xz-5.8.1-1.fc41

xz-5.8.1-1.fc42

USN-7414-1: XZ Utils vulnerability

chromium-135.0.7049.52-2.fc40

chromium-135.0.7049.52-1.fc41