What is CVE-2021-42385?

CVE-2021-42385 is a vulnerability in Busybox, classified under Use After Free. Published 2021-11-15.

Is CVE-2021-42385 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Use After Free in Busybox

CVE-2021-42385

A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function

Vulnerability class: Use-After-Free

EPSS: 0.003 (53.0th percentile) — read the EPSS interpretation.

Affected products

Busybox — versions unspecified

Weakness classification (CWE)

CWE-416 — Use After Free

Public proof-of-concept exploits

ChrisAdkin8/Nomad-Job-Vulnerability-Tagging
isgo-golgo13/gokit-gorillakit-enginesvc

References

jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and…
FEDORA-2021-5a95823596 (vendor-advisory)
FEDORA-2021-c52c0fe490 (vendor-advisory)
security.netapp.com/advisory/ntap-20211223-0002/
claroty.com/team82/research/unboxing-busybox-14-vulnerabilities-uncovered-by-cl…

Frequently asked questions

What is CVE-2021-42385?: CVE-2021-42385 is a vulnerability in Busybox, classified under Use After Free. Published 2021-11-15.
Is CVE-2021-42385 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.