CLSA-2021-1638804058

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1638804058.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2021-1638804058
Upstream
Published
2021-12-06T15:20:58Z
Modified
2026-06-04T10:03:44.019288627Z
Summary
Fix CVE(s): CVE-2021-42379, CVE-2021-42378, CVE-2021-42380, CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386
Details
  • SECURITY UPDATE: use-after-free in concat op
    • debian/patches/CVE-awk-use-after-free.patch: second reference to a field reallocs/moves Fields[] array, but first ref still tries to use the element where it was before move.
    • CVE-2021-42378
    • CVE-2021-42379
    • CVE-2021-42380
    • CVE-2021-42381
    • CVE-2021-42382
    • CVE-2021-42383
    • CVE-2021-42384
    • CVE-2021-42385
    • CVE-2021-42386
    • debian/patches/CVE-awk-printf-buffer-overflow.patch: printf buffer overflow.
    • No CVE assigned (but mentioned by upstream maintainer as important at http://lists.busybox.net/pipermail/busybox/2021-November/089328.html).
References

Affected packages

TuxCare:Ubuntu:16.04
busybox

Package

Name
busybox
Purl
pkg:deb/tuxcare/busybox?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.22.0-15ubuntu1.4+tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1638804058.json"
busybox-initramfs

Package

Name
busybox-initramfs
Purl
pkg:deb/tuxcare/busybox-initramfs?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.22.0-15ubuntu1.4+tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1638804058.json"
busybox-static

Package

Name
busybox-static
Purl
pkg:deb/tuxcare/busybox-static?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.22.0-15ubuntu1.4+tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1638804058.json"
busybox-syslogd

Package

Name
busybox-syslogd
Purl
pkg:deb/tuxcare/busybox-syslogd?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.22.0-15ubuntu1.4+tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1638804058.json"
udhcpc

Package

Name
udhcpc
Purl
pkg:deb/tuxcare/udhcpc?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.22.0-15ubuntu1.4+tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1638804058.json"
udhcpd

Package

Name
udhcpd
Purl
pkg:deb/tuxcare/udhcpd?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2:1.22.0-15ubuntu1.4+tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1638804058.json"