{"id":"CLSA-2026-1776960429","summary":"busybox: Fix of 4 CVEs","details":"- CVE-2018-1000517: fix heap buffer overflow in wget chunked decoding\n- CVE-2017-16544: reject terminal control sequences in shell tab completion\n- CVE-2018-20679: reject zero-length DHCP options and validate 4-byte option lengths\n- CVE-2019-5747: validate DHCP_SUBNET option length before decoding","modified":"2026-05-27T11:34:00.766741553Z","published":"2026-04-25T08:51:57Z","upstream":["CVE-2017-16544","CVE-2018-1000517","CVE-2018-20679","CVE-2019-5747"],"references":[{"type":"ADVISORY","url":"https://errata.tuxcare.com/els_os/centos6els/CLSA-2026-1776960429.html"}],"affected":[{"package":{"name":"busybox","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/busybox?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.15.1-21.el6_6.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776960429.json"}},{"package":{"name":"busybox-petitboot","ecosystem":"TuxCare:CentOS:6","purl":"pkg:rpm/tuxcare/busybox-petitboot?distro=centos-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.15.1-21.el6_6.tuxcare.els3"}]}],"database_specific":{"source":"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos6els/CLSA-2026-1776960429.json"}}],"schema_version":"1.7.5"}