Amazon Linux 1 Security Advisory: ALAS-2023-1786
Advisory Release Date: 2023-07-13 23:57 Pacific
Advisory Updated Date: 2023-07-19 21:51 Pacific
A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. (CVE-2022-30065)
Affected Packages:
busybox
Issue Correction:
Run yum update busybox to update your system.
i686:
busybox-debuginfo-1.34.1-1.15.amzn1.i686
busybox-1.34.1-1.15.amzn1.i686
busybox-petitboot-1.34.1-1.15.amzn1.i686
src:
busybox-1.34.1-1.15.amzn1.src
x86_64:
busybox-petitboot-1.34.1-1.15.amzn1.x86_64
busybox-1.34.1-1.15.amzn1.x86_64
busybox-debuginfo-1.34.1-1.15.amzn1.x86_64