Signature Detail

DHCP: BusyBox Project BusyBox udhcp Option CVE-2018-20679 Out of Bounds Read

This signature detects attempts to exploit a known vulnerability against udhcp module of BusyBox. Successful exploitation of this vulnerability could result in disclosure of sensitive information.

Extended Description

An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcp_get_option() in networking/udhcp/common.c that 4-byte options are indeed 4 bytes.

Affected Products

• Busybox busybox -
• Busybox busybox 0.38
• Busybox busybox 0.39
• Busybox busybox 0.40
• Busybox busybox 0.41
• Busybox busybox 0.42
• Busybox busybox 0.43
• Busybox busybox 0.45
• Busybox busybox 0.46
• Busybox busybox 0.47
• Busybox busybox 0.48
• Busybox busybox 0.49
• Busybox busybox 0.50
• Busybox busybox 0.51
• Busybox busybox 0.52
• Busybox busybox 0.60.0
• Busybox busybox 0.60.1
• Busybox busybox 0.60.2
• Busybox busybox 0.60.3
• Busybox busybox 0.60.4
• Busybox busybox 0.60.5
• Busybox busybox 1.00
• Busybox busybox 1.0.0
• Busybox busybox 1.01
• Busybox busybox 1.1.0
• Busybox busybox 1.10.0
• Busybox busybox 1.10.1
• Busybox busybox 1.10.2
• Busybox busybox 1.10.3
• Busybox busybox 1.10.4
• Busybox busybox 1.1.1
• Busybox busybox 1.11.0
• Busybox busybox 1.11.1
• Busybox busybox 1.11.2
• Busybox busybox 1.11.3
• Busybox busybox 1.1.2
• Busybox busybox 1.12.0
• Busybox busybox 1.12.1
• Busybox busybox 1.12.2
• Busybox busybox 1.12.3
• Busybox busybox 1.12.4
• Busybox busybox 1.1.3
• Busybox busybox 1.13.0
• Busybox busybox 1.13.1
• Busybox busybox 1.13.2
• Busybox busybox 1.13.3
• Busybox busybox 1.13.4
• Busybox busybox 1.14.0
• Busybox busybox 1.14.1
• Busybox busybox 1.14.2
• Busybox busybox 1.14.3
• Busybox busybox 1.14.4
• Busybox busybox 1.15.0
• Busybox busybox 1.15.1
• Busybox busybox 1.15.2
• Busybox busybox 1.15.3
• Busybox busybox 1.16.0
• Busybox busybox 1.16.1
• Busybox busybox 1.16.2
• Busybox busybox 1.17.0
• Busybox busybox 1.17.1
• Busybox busybox 1.17.2
• Busybox busybox 1.17.3
• Busybox busybox 1.17.4
• Busybox busybox 1.18.0
• Busybox busybox 1.18.1
• Busybox busybox 1.18.2
• Busybox busybox 1.18.3
• Busybox busybox 1.18.4
• Busybox busybox 1.18.5
• Busybox busybox 1.19.0
• Busybox busybox 1.19.1
• Busybox busybox 1.19.2
• Busybox busybox 1.19.3
• Busybox busybox 1.19.4
• Busybox busybox 1.2.0
• Busybox busybox 1.20.0
• Busybox busybox 1.20.1
• Busybox busybox 1.20.2
• Busybox busybox 1.2.1
• Busybox busybox 1.21.0
• Busybox busybox 1.21.1
• Busybox busybox 1.2.2
• Busybox busybox 1.22.0
• Busybox busybox 1.2.2.1
• Busybox busybox 1.22.1
• Busybox busybox 1.23.0
• Busybox busybox 1.23.1
• Busybox busybox 1.23.2
• Busybox busybox 1.24.0
• Busybox busybox 1.24.1
• Busybox busybox 1.24.2
• Busybox busybox 1.25.0
• Busybox busybox 1.25.1
• Busybox busybox 1.26.0
• Busybox busybox 1.26.1
• Busybox busybox 1.26.2
• Busybox busybox 1.27.0
• Busybox busybox 1.27.1
• Busybox busybox 1.27.2
• Busybox busybox 1.28.0
• Busybox busybox 1.28.1
• Busybox busybox 1.28.2
• Busybox busybox 1.28.3
• Busybox busybox 1.28.4
• Busybox busybox 1.29.0
• Busybox busybox 1.29.1
• Busybox busybox 1.29.2
• Busybox busybox 1.29.3
• Busybox busybox 1.3.0
• Busybox busybox 1.3.1
• Busybox busybox 1.3.2
• Busybox busybox 1.4.0
• Busybox busybox 1.4.1
• Busybox busybox 1.4.2
• Busybox busybox 1.5.0
• Busybox busybox 1.5.1
• Busybox busybox 1.5.2
• Busybox busybox 1.6.0
• Busybox busybox 1.6.1
• Busybox busybox 1.6.2
• Busybox busybox 1.7.0
• Busybox busybox 1.7.1
• Busybox busybox 1.7.2
• Busybox busybox 1.7.3
• Busybox busybox 1.7.4
• Busybox busybox 1.7.5
• Busybox busybox 1.8.0
• Busybox busybox 1.8.1
• Busybox busybox 1.8.2
• Busybox busybox 1.8.3
• Busybox busybox 1.9.0
• Busybox busybox 1.9.1
• Busybox busybox 1.9.2
• Canonical ubuntu_linux 14.04
• Canonical ubuntu_linux 16.04
• Canonical ubuntu_linux 18.04
• Canonical ubuntu_linux 18.10

References

• CVE: CVE-2018-20679
• URL: https://git.busybox.net/busybox/commit/?id=6d3b4bb24da9a07c263f3c1acf8df85382ff562c