===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2022.0291
                        Security update for busybox
                              21 January 2022

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           busybox
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Create Arbitrary Files          -- Existing Account
                   Denial of Service               -- Remote/Unauthenticated
                   Access Confidential Data        -- Existing Account
                   Reduced Security                -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-42386 CVE-2021-42385 CVE-2021-42384 CVE-2021-42383
                   CVE-2021-42382 CVE-2021-42381 CVE-2021-42380 CVE-2021-42379
                   CVE-2021-42378 CVE-2021-42377 CVE-2021-42376 CVE-2021-42375
                   CVE-2021-42374 CVE-2021-42373 CVE-2021-28831 CVE-2019-5747
                   CVE-2018-1000517 CVE-2018-1000500 CVE-2018-20679
                   CVE-2017-16544 CVE-2017-15874 CVE-2017-15873 CVE-2016-6301
                   CVE-2016-2148 CVE-2016-2147 CVE-2015-9261 CVE-2011-5325
Reference:         ESB-2021.4159
                   ESB-2021.3584

Original Bulletin:
   https://www.suse.com/support/update/announcement/2022/suse-su-20220135-1

- --------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for busybox

______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:0135-1
Rating:            important
References:        #1064976 #1064978 #1069412 #1099260 #1099263 #1102912
                   #1121426 #1121428 #1184522 #1192869 #951562 #970662
                   #970663 #991940
Cross-References:  CVE-2011-5325 CVE-2015-9261 CVE-2016-2147 CVE-2016-2148
                   CVE-2016-6301 CVE-2017-15873 CVE-2017-15874 CVE-2017-16544
                   CVE-2018-1000500 CVE-2018-1000517 CVE-2018-20679
                   CVE-2019-5747 CVE-2021-28831 CVE-2021-42373 CVE-2021-42374
                   CVE-2021-42375 CVE-2021-42376 CVE-2021-42377 CVE-2021-42378
                   CVE-2021-42379 CVE-2021-42380 CVE-2021-42381 CVE-2021-42382
                   CVE-2021-42383 CVE-2021-42384 CVE-2021-42385 CVE-2021-42386
Affected Products:
                   SUSE Manager Server 4.1
                   SUSE Manager Retail Branch Server 4.1
                   SUSE Manager Proxy 4.1
                   SUSE Linux Enterprise Server for SAP 15-SP2
                   SUSE Linux Enterprise Server for SAP 15-SP1
                   SUSE Linux Enterprise Server for SAP 15
                   SUSE Linux Enterprise Server 15-SP2-LTSS
                   SUSE Linux Enterprise Server 15-SP2-BCL
                   SUSE Linux Enterprise Server 15-SP1-LTSS
                   SUSE Linux Enterprise Server 15-SP1-BCL
                   SUSE Linux Enterprise Server 15-LTSS
                   SUSE Linux Enterprise Module for Basesystem 15-SP3
                   SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
                   SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
                   SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
                   SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
                   SUSE Linux Enterprise High Performance Computing 15-LTSS
                   SUSE Linux Enterprise High Performance Computing 15-ESPOS
                   SUSE Enterprise Storage 7
                   SUSE Enterprise Storage 6
                   SUSE CaaS Platform 4.0
______________________________________________________________________________

An update that fixes 27 vulnerabilities is now available.

Description:

This update for busybox fixes the following issues:

  o CVE-2011-5325: Fixed tar directory traversal (bsc#951562).
  o CVE-2015-9261: Fixed segfaults and application crashes in huft_build
    (bsc#1102912).
  o CVE-2016-2147: Fixed out of bounds write (heap) due to integer underflow in
    udhcpc (bsc#970663).
  o CVE-2016-2148: Fixed heap-based buffer overflow in OPTION_6RD parsing
    (bsc#970662).
  o CVE-2016-6301: Fixed NTP server denial of service flaw (bsc#991940).
  o CVE-2017-15873: Fixed integer overflow in get_next_block function in
    archival/libarchive/decompress_bunzip2.c (bsc#1064976).
  o CVE-2017-15874: Fixed integer underflow in
    archival/libarchive/decompress_unlzma.c (bsc#1064978).
  o CVE-2017-16544: Fixed insufficient sanitization of filenames when
    autocompleting (bsc#1069412).
  o CVE-2018-1000500: Fixed missing SSL certificate validation in wget
    (bsc#1099263).
  o CVE-2018-1000517: Fixed heap-based buffer overflow in retrieve_file_data()
    (bsc#1099260).
  o CVE-2018-20679: Fixed out of bounds read in udhcp (bsc#1121426).
  o CVE-2019-5747: Fixed out of bounds read in udhcp components (bsc#1121428).
  o CVE-2021-28831: Fixed invalid free or segmentation fault via malformed gzip
    data (bsc#1184522).
  o CVE-2021-42373: Fixed NULL pointer dereference in man leading to DoS when a
    section name is supplied but no page argument is given (bsc#1192869).
  o CVE-2021-42374: Fixed out-of-bounds heap read in unlzma leading to
    information leak and DoS when crafted LZMA-compressed input is decompressed
    (bsc#1192869).
  o CVE-2021-42375: Fixed incorrect handling of a special element in ash leading
    to DoS when processing a crafted shell command, due to the shell mistaking
    specific characters for reserved characters (bsc#1192869).
  o CVE-2021-42376: Fixed NULL pointer dereference in hush leading to DoS when
    processing a crafted shell command (bsc#1192869).
  o CVE-2021-42377: Fixed attacker-controlled pointer free in hush leading to
    DoS and possible code execution when processing a crafted shell command
    (bsc#1192869).
  o CVE-2021-42378: Fixed use-after-free in awk leading to DoS and possibly code
    execution when processing a crafted awk pattern in the getvar_i function
    (bsc#1192869).
  o CVE-2021-42379: Fixed use-after-free in awk leading to DoS and possibly code
    execution when processing a crafted awk pattern in the next_input_file
    function (bsc#1192869).
  o CVE-2021-42380: Fixed use-after-free in awk leading to DoS and possibly code
    execution when processing a crafted awk pattern in the clrvar function
    (bsc#1192869).
  o CVE-2021-42381: Fixed use-after-free in awk leading to DoS and possibly code
    execution when processing a crafted awk pattern in the hash_init function
    (bsc#1192869).
  o CVE-2021-42382: Fixed use-after-free in awk leading to DoS and possibly code
    execution when processing a crafted awk pattern in the getvar_s function
    (bsc#1192869).
  o CVE-2021-42383: Fixed use-after-free in awk leading to DoS and possibly code
    execution when processing a crafted awk pattern in the evaluate function
    (bsc#1192869).
  o CVE-2021-42384: Fixed use-after-free in awk leading to DoS and possibly code
    execution when processing a crafted awk pattern in the handle_special
    function (bsc#1192869).
  o CVE-2021-42385: Fixed use-after-free in awk leading to DoS and possibly code
    execution when processing a crafted awk pattern in the evaluate function
    (bsc#1192869).
  o CVE-2021-42386: Fixed use-after-free in awk leading to DoS and possibly code
    execution when processing a crafted awk pattern in the nvalloc function
    (bsc#1192869).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  o SUSE Manager Server 4.1:
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-135=1
  o SUSE Manager Retail Branch Server 4.1:
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-135=1
  o SUSE Manager Proxy 4.1:
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-135=1
  o SUSE Linux Enterprise Server for SAP 15-SP2:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-135=1
  o SUSE Linux Enterprise Server for SAP 15-SP1:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-135=1
  o SUSE Linux Enterprise Server for SAP 15:
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-135=1
  o SUSE Linux Enterprise Server 15-SP2-LTSS:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-135=1
  o SUSE Linux Enterprise Server 15-SP2-BCL:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-135=1
  o SUSE Linux Enterprise Server 15-SP1-LTSS:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-135=1
  o SUSE Linux Enterprise Server 15-SP1-BCL:
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-135=1
  o SUSE Linux Enterprise Server 15-LTSS:
    zypper in -t patch SUSE-SLE-Product-SLES-15-2022-135=1
  o SUSE Linux Enterprise Module for Basesystem 15-SP3:
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-135=1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-135=1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-135=1
  o SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-135=1
  o SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-135=1
  o SUSE Linux Enterprise High Performance Computing 15-LTSS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-2022-135=1
  o SUSE Linux Enterprise High Performance Computing 15-ESPOS:
    zypper in -t patch SUSE-SLE-Product-HPC-15-2022-135=1
  o SUSE Enterprise Storage 7:
    zypper in -t patch SUSE-Storage-7-2022-135=1
  o SUSE Enterprise Storage 6:
    zypper in -t patch SUSE-Storage-6-2022-135=1
  o SUSE CaaS Platform 4.0:
    To install this update, use the SUSE CaaS Platform 'skuba' tool. It will
    inform you if it detects new updates and let you then trigger updating of
    the complete cluster in a controlled way.
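After running the patch command for your product, a quick way to confirm the fix actually landed on each host is to compare the installed busybox package version-release against the fixed build named in the package list (1.34.1-4.9.1). The script below is an added example, not SUSE's or AusCERT's tooling; it assumes a SUSE host with rpm available, and the `evr_ge` comparison is a simplified rpmvercmp that is sufficient for the dotted numeric version strings used here.

```shell
#!/bin/sh
# Added example: verify that busybox on this host is at or above the build
# shipped by SUSE-SU-2022:0135-1. Not part of the bulletin.
FIXED_EVR="1.34.1-4.9.1"   # version-release from the bulletin's package list

# Compare two version-release strings segment by segment (numeric when both
# segments are numeric, lexical otherwise). Returns 0 when $1 >= $2.
# Simplified rpmvercmp: enough for dotted digit strings like these.
evr_ge() {
    a=$(printf '%s' "$1" | tr '-' '.'); b=$(printf '%s' "$2" | tr '-' '.')
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        [ "$a" = "$x" ] && a="" || a=${a#*.}
        [ "$b" = "$y" ] && b="" || b=${b#*.}
        [ -z "$x" ] && x=0; [ -z "$y" ] && y=0     # missing segment counts as 0
        if [ "$x" -eq "$x" ] 2>/dev/null && [ "$y" -eq "$y" ] 2>/dev/null; then
            [ "$x" -gt "$y" ] && return 0
            [ "$x" -lt "$y" ] && return 1
        else
            [ "$x" \> "$y" ] && return 0
            [ "$x" \< "$y" ] && return 1
        fi
    done
    return 0
}

# Report one package: $1 = package name, $2 = installed "version-release"
# ("" when the package is absent). Returns 1 only when a fix is missing.
check_pkg() {
    if [ -z "$2" ]; then echo "$1: not installed"; return 0; fi
    if evr_ge "$2" "$FIXED_EVR"; then
        echo "$1-$2: ok (>= $FIXED_EVR)"; return 0
    fi
    echo "$1-$2: VULNERABLE (< $FIXED_EVR), run: zypper patch"; return 1
}

# Query rpm for the installed version-release; prints nothing if absent.
installed_evr() {
    v=$(rpm -q --qf '%{VERSION}-%{RELEASE}' "$1" 2>/dev/null) && printf '%s' "$v"
}

# Usage on a real host: sh check_busybox.sh --scan  (exit 1 if any package is behind)
if [ "${1:-}" = "--scan" ]; then
    rc=0
    for p in busybox busybox-static; do
        check_pkg "$p" "$(installed_evr "$p")" || rc=1
    done
    exit $rc
fi
```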
Package List:

  o SUSE Manager Server 4.1 (ppc64le s390x x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Manager Retail Branch Server 4.1 (x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Manager Proxy 4.1 (x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Linux Enterprise Server for SAP 15-SP1 (ppc64le x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64):
    busybox-1.34.1-4.9.1
  o SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Linux Enterprise Server 15-SP1-LTSS (aarch64 ppc64le s390x x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Linux Enterprise Server 15-SP1-BCL (x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x):
    busybox-1.34.1-4.9.1
  o SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (aarch64 x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (aarch64 x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):
    busybox-1.34.1-4.9.1
  o SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):
    busybox-1.34.1-4.9.1
  o SUSE Enterprise Storage 7 (aarch64 x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE Enterprise Storage 6 (aarch64 x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1
  o SUSE CaaS Platform 4.0 (x86_64):
    busybox-1.34.1-4.9.1
    busybox-static-1.34.1-4.9.1

References:

  o https://www.suse.com/security/cve/CVE-2011-5325.html
  o https://www.suse.com/security/cve/CVE-2015-9261.html
  o https://www.suse.com/security/cve/CVE-2016-2147.html
  o https://www.suse.com/security/cve/CVE-2016-2148.html
  o https://www.suse.com/security/cve/CVE-2016-6301.html
  o https://www.suse.com/security/cve/CVE-2017-15873.html
  o https://www.suse.com/security/cve/CVE-2017-15874.html
  o https://www.suse.com/security/cve/CVE-2017-16544.html
  o https://www.suse.com/security/cve/CVE-2018-1000500.html
  o https://www.suse.com/security/cve/CVE-2018-1000517.html
  o https://www.suse.com/security/cve/CVE-2018-20679.html
  o https://www.suse.com/security/cve/CVE-2019-5747.html
  o https://www.suse.com/security/cve/CVE-2021-28831.html
  o https://www.suse.com/security/cve/CVE-2021-42373.html
  o https://www.suse.com/security/cve/CVE-2021-42374.html
  o https://www.suse.com/security/cve/CVE-2021-42375.html
  o https://www.suse.com/security/cve/CVE-2021-42376.html
  o https://www.suse.com/security/cve/CVE-2021-42377.html
  o https://www.suse.com/security/cve/CVE-2021-42378.html
  o https://www.suse.com/security/cve/CVE-2021-42379.html
  o https://www.suse.com/security/cve/CVE-2021-42380.html
  o https://www.suse.com/security/cve/CVE-2021-42381.html
  o https://www.suse.com/security/cve/CVE-2021-42382.html
  o https://www.suse.com/security/cve/CVE-2021-42383.html
  o https://www.suse.com/security/cve/CVE-2021-42384.html
  o https://www.suse.com/security/cve/CVE-2021-42385.html
  o https://www.suse.com/security/cve/CVE-2021-42386.html
  o https://bugzilla.suse.com/1064976
  o https://bugzilla.suse.com/1064978
  o https://bugzilla.suse.com/1069412
  o https://bugzilla.suse.com/1099260
  o https://bugzilla.suse.com/1099263
  o https://bugzilla.suse.com/1102912
  o https://bugzilla.suse.com/1121426
  o https://bugzilla.suse.com/1121428
  o https://bugzilla.suse.com/1184522
  o https://bugzilla.suse.com/1192869
  o https://bugzilla.suse.com/951562
  o https://bugzilla.suse.com/970662
  o https://bugzilla.suse.com/970663
  o https://bugzilla.suse.com/991940

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================