公告ID: KYLIN-2019-5747
安全等级: 中等
产品: Kylin V3
发布日期: 2019年1月9日
CVE: CVE-2019-5747
CVSS3评分: 6.5
概述:
None 描述:
An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and/or relay) might allow a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to assurance of a 4-byte length when decoding DHCP_SUBNET. NOTE: this issue exists because of an incomplete fix for CVE-2018-20679. 系统版本:
KYLIN 3.0.x
KYLIN 3.2.x
受影响包列表:
busybox
busybox