CVE-2024-58251

CVSS 2.5 LOWEPSS 0.2%CWE-150

In netstat in BusyBox through 1.37.0, local users can launch of network application with an argv[0] containing an ANSI terminal escape sequence, leading to a denial of service (terminal locked up) when netstat is used by a victim.

CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

Productos afectados

BusyBox · BusyBox

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://bugs.busybox.net/show_bug.cgi?id=15922 https://www.busybox.net https://www.busybox.net/downloads/http://www.openwall.com/lists/oss-security/2025/04/23/6