{
  "document": {
    "aggregate_severity": {
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "TuxCare License Agreement",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.",
        "title": "Terms of Use"
      },
      {
        "category": "details",
        "text": "* SECURITY UPDATE: missing SSL certificate validation vulnerability in wget\n     - debian/patches/CVE-2018-1000500-1.patch: implement TLS verification with\n       CENABLE_FEATURE_WGET_OPENSSL\n     - debian/patches/CVE 2018-1000500-2.patch: fix openssl options for cert verification\n     - CVE-2018-1000500\n   * SECURITY UPDATE: escape sequence injection attack\n     - debian/patches/CVE-2022-28391-1.patch: sockaddr2str: ensure only printable\n       characters are returned for the hostname part\n     - debian/patches/CVE-2022-28391-2.patch: nslookup: sanitize all printed strings\n     - CVE-2022-28391\n   * SECURITY UPDATE: directory traversal vulnerability in CPIO command\n     - debian/patches/CVE-2023-39810.patch: archival: disallow path traversals\n     - debian/config/pkg/*: regenerate to add the new FEATURE_PATH_TRAVERSAL_PROTECTION\n       option\n     - CVE-2023-39810",
        "title": "Details"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://tuxcare.com/contact/",
      "name": "TuxCare",
      "namespace": "https://tuxcare.com/"
    },
    "references": [
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.tuxcare.com/csaf/v2/els_os/debian10els/advisories/2025/clsa-2025_1762269073.json"
      },
      {
        "category": "self",
        "summary": "https://cve.tuxcare.com/els/releases/CLSA-2025:1762269073",
        "url": "https://cve.tuxcare.com/els/releases/CLSA-2025:1762269073"
      }
    ],
    "tracking": {
      "current_release_date": "2025-11-04T15:12:13Z",
      "generator": {
        "date": "2025-11-04T15:12:13Z",
        "engine": {
          "name": "pyCSAF"
        }
      },
      "id": "CLSA-2025:1762269073",
      "initial_release_date": "2025-11-04T15:12:13Z",
      "revision_history": [
        {
          "date": "2025-11-04T15:12:13Z",
          "number": "1",
          "summary": "Initial version"
        }
      ],
      "status": "final",
      "version": "1"
    },
    "title": "Fix CVE(s): CVE-2018-1000500, CVE-2022-28391, CVE-2023-39810"
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Debian None",
                "product": {
                  "name": "Debian None",
                  "product_id": "Debian-10",
                  "product_identification_helper": {
                    "cpe": "cpe:2.3:o:debian:debian_linux:10:*:*:*:*:*:*:*"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Debian"
          }
        ],
        "category": "vendor",
        "name": "Software in the Public Interest, Inc."
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "udhcpd-1:1.30.1-4+tuxcare.els3.amd64",
                "product": {
                  "name": "udhcpd-1:1.30.1-4+tuxcare.els3.amd64",
                  "product_id": "udhcpd-1:1.30.1-4+tuxcare.els3.amd64",
                  "product_identification_helper": {
                    "purl": "pkg:deb/tuxcare/udhcpd@1.30.1-4%2Btuxcare.els3?arch=amd64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "busybox-1:1.30.1-4+tuxcare.els3.amd64",
                "product": {
                  "name": "busybox-1:1.30.1-4+tuxcare.els3.amd64",
                  "product_id": "busybox-1:1.30.1-4+tuxcare.els3.amd64",
                  "product_identification_helper": {
                    "purl": "pkg:deb/tuxcare/busybox@1.30.1-4%2Btuxcare.els3?arch=amd64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "busybox-static-1:1.30.1-4+tuxcare.els3.amd64",
                "product": {
                  "name": "busybox-static-1:1.30.1-4+tuxcare.els3.amd64",
                  "product_id": "busybox-static-1:1.30.1-4+tuxcare.els3.amd64",
                  "product_identification_helper": {
                    "purl": "pkg:deb/tuxcare/busybox-static@1.30.1-4%2Btuxcare.els3?arch=amd64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "udhcpc-1:1.30.1-4+tuxcare.els3.amd64",
                "product": {
                  "name": "udhcpc-1:1.30.1-4+tuxcare.els3.amd64",
                  "product_id": "udhcpc-1:1.30.1-4+tuxcare.els3.amd64",
                  "product_identification_helper": {
                    "purl": "pkg:deb/tuxcare/udhcpc@1.30.1-4%2Btuxcare.els3?arch=amd64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "busybox-syslogd-1:1.30.1-4+tuxcare.els3.all",
                "product": {
                  "name": "busybox-syslogd-1:1.30.1-4+tuxcare.els3.all",
                  "product_id": "busybox-syslogd-1:1.30.1-4+tuxcare.els3.all",
                  "product_identification_helper": {
                    "purl": "pkg:deb/tuxcare/busybox-syslogd@1.30.1-4%2Btuxcare.els3?arch=all"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "all"
          }
        ],
        "category": "vendor",
        "name": "TuxCare"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "udhcpd-1:1.30.1-4+tuxcare.els3.amd64 as a component of Debian None",
          "product_id": "Debian-10:udhcpd-1:1.30.1-4+tuxcare.els3.amd64"
        },
        "product_reference": "udhcpd-1:1.30.1-4+tuxcare.els3.amd64",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "busybox-1:1.30.1-4+tuxcare.els3.amd64 as a component of Debian None",
          "product_id": "Debian-10:busybox-1:1.30.1-4+tuxcare.els3.amd64"
        },
        "product_reference": "busybox-1:1.30.1-4+tuxcare.els3.amd64",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "busybox-syslogd-1:1.30.1-4+tuxcare.els3.all as a component of Debian None",
          "product_id": "Debian-10:busybox-syslogd-1:1.30.1-4+tuxcare.els3.all"
        },
        "product_reference": "busybox-syslogd-1:1.30.1-4+tuxcare.els3.all",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "busybox-static-1:1.30.1-4+tuxcare.els3.amd64 as a component of Debian None",
          "product_id": "Debian-10:busybox-static-1:1.30.1-4+tuxcare.els3.amd64"
        },
        "product_reference": "busybox-static-1:1.30.1-4+tuxcare.els3.amd64",
        "relates_to_product_reference": "Debian-10"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "udhcpc-1:1.30.1-4+tuxcare.els3.amd64 as a component of Debian None",
          "product_id": "Debian-10:udhcpc-1:1.30.1-4+tuxcare.els3.amd64"
        },
        "product_reference": "udhcpc-1:1.30.1-4+tuxcare.els3.amd64",
        "relates_to_product_reference": "Debian-10"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-1000500",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "notes": [
        {
          "category": "description",
          "text": "Busybox contains a missing SSL certificate validation vulnerability in the \"busybox wget\" applet that can result in arbitrary code execution. This attack appears to be exploitable by simply downloading any file over HTTPS using \"busybox wget https://compromised-domain.com/important-file\".",
          "title": "Vulnerability description"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Debian-10:busybox-1:1.30.1-4+tuxcare.els3.amd64",
          "Debian-10:busybox-static-1:1.30.1-4+tuxcare.els3.amd64",
          "Debian-10:busybox-syslogd-1:1.30.1-4+tuxcare.els3.all",
          "Debian-10:udhcpc-1:1.30.1-4+tuxcare.els3.amd64",
          "Debian-10:udhcpd-1:1.30.1-4+tuxcare.els3.amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://cve.tuxcare.com/els/cve/CVE-2018-1000500"
        },
        {
          "category": "external",
          "summary": "http://lists.busybox.net/pipermail/busybox/2018-May/086462.html",
          "url": "http://lists.busybox.net/pipermail/busybox/2018-May/086462.html"
        },
        {
          "category": "external",
          "summary": "https://git.busybox.net/busybox/commit/?id=45fa3f18adf57ef9d743038743d9c90573aeeb91",
          "url": "https://git.busybox.net/busybox/commit/?id=45fa3f18adf57ef9d743038743d9c90573aeeb91"
        },
        {
          "category": "external",
          "summary": "https://usn.ubuntu.com/4531-1/",
          "url": "https://usn.ubuntu.com/4531-1/"
        }
      ],
      "release_date": "2018-06-26T16:29:00Z",
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Debian-10:busybox-1:1.30.1-4+tuxcare.els3.amd64",
            "Debian-10:busybox-static-1:1.30.1-4+tuxcare.els3.amd64",
            "Debian-10:busybox-syslogd-1:1.30.1-4+tuxcare.els3.all",
            "Debian-10:udhcpc-1:1.30.1-4+tuxcare.els3.amd64",
            "Debian-10:udhcpd-1:1.30.1-4+tuxcare.els3.amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ]
    },
    {
      "cve": "CVE-2023-39810",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
      },
      "notes": [
        {
          "category": "description",
          "text": "An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.",
          "title": "Vulnerability description"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Debian-10:busybox-1:1.30.1-4+tuxcare.els3.amd64",
          "Debian-10:busybox-static-1:1.30.1-4+tuxcare.els3.amd64",
          "Debian-10:busybox-syslogd-1:1.30.1-4+tuxcare.els3.all",
          "Debian-10:udhcpc-1:1.30.1-4+tuxcare.els3.amd64",
          "Debian-10:udhcpd-1:1.30.1-4+tuxcare.els3.amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://cve.tuxcare.com/els/cve/CVE-2023-39810"
        },
        {
          "category": "external",
          "summary": "http://busybox.com",
          "url": "http://busybox.com/"
        },
        {
          "category": "external",
          "summary": "https://www.pentagrid.ch/en/blog/busybox-cpio-directory-traversal-vulnerability/",
          "url": "https://www.pentagrid.ch/en/blog/busybox-cpio-directory-traversal-vulnerability/"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2025/04/23/1",
          "url": "http://www.openwall.com/lists/oss-security/2025/04/23/1"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2025/04/23/2",
          "url": "http://www.openwall.com/lists/oss-security/2025/04/23/2"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2025/04/23/3",
          "url": "http://www.openwall.com/lists/oss-security/2025/04/23/3"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2025/04/24/2",
          "url": "http://www.openwall.com/lists/oss-security/2025/04/24/2"
        }
      ],
      "release_date": "2023-08-28T19:15:00Z",
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Debian-10:busybox-1:1.30.1-4+tuxcare.els3.amd64",
            "Debian-10:busybox-static-1:1.30.1-4+tuxcare.els3.amd64",
            "Debian-10:busybox-syslogd-1:1.30.1-4+tuxcare.els3.all",
            "Debian-10:udhcpc-1:1.30.1-4+tuxcare.els3.amd64",
            "Debian-10:udhcpd-1:1.30.1-4+tuxcare.els3.amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ]
    },
    {
      "cve": "CVE-2022-28391",
      "notes": [
        {
          "category": "description",
          "text": "BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.",
          "title": "Vulnerability description"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Debian-10:busybox-1:1.30.1-4+tuxcare.els3.amd64",
          "Debian-10:busybox-static-1:1.30.1-4+tuxcare.els3.amd64",
          "Debian-10:busybox-syslogd-1:1.30.1-4+tuxcare.els3.all",
          "Debian-10:udhcpc-1:1.30.1-4+tuxcare.els3.amd64",
          "Debian-10:udhcpd-1:1.30.1-4+tuxcare.els3.amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://cve.tuxcare.com/els/cve/CVE-2022-28391"
        },
        {
          "category": "external",
          "summary": "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch",
          "url": "https://git.alpinelinux.org/aports/plain/main/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch"
        },
        {
          "category": "external",
          "summary": "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch",
          "url": "https://git.alpinelinux.org/aports/plain/main/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch"
        },
        {
          "category": "external",
          "summary": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661",
          "url": "https://gitlab.alpinelinux.org/alpine/aports/-/issues/13661"
        }
      ],
      "release_date": "2022-04-03T21:15:00Z",
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Debian-10:busybox-1:1.30.1-4+tuxcare.els3.amd64",
            "Debian-10:busybox-static-1:1.30.1-4+tuxcare.els3.amd64",
            "Debian-10:busybox-syslogd-1:1.30.1-4+tuxcare.els3.all",
            "Debian-10:udhcpc-1:1.30.1-4+tuxcare.els3.amd64",
            "Debian-10:udhcpd-1:1.30.1-4+tuxcare.els3.amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ]
    }
  ]
}