CVE-2022-28391:

Overview

Severity

High (CVSS 8.8)

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploit Status

Not Exploited

Patch Tuesday

2024-Jun

Released

2022-04-13

Last Updated

2024-06-30

EPSS Score

2.39% (percentile: 85.0%)

Affected Products (16)

Open Source Software

• busybox-1.34.1-2.cm1.x86_64.rpm on CBL Mariner 1.0 x64
• busybox-petitboot-1.34.1-2.cm1.x86_64.rpm on CBL Mariner 1.0 x64
• busybox-debuginfo-1.34.1-2.cm1.x86_64.rpm on CBL Mariner 1.0 x64
• busybox-1.34.1-2.cm1.aarch64.rpm on CBL Mariner 1.0 ARM
• busybox-petitboot-1.34.1-2.cm1.aarch64.rpm on CBL Mariner 1.0 ARM
• busybox-debuginfo-1.34.1-2.cm1.aarch64.rpm on CBL Mariner 1.0 ARM
• busybox-1.35.0-2.cm2.x86_64.rpm on CBL Mariner 2.0 x64
• busybox-petitboot-1.35.0-2.cm2.x86_64.rpm on CBL Mariner 2.0 x64
• busybox-debuginfo-1.35.0-2.cm2.x86_64.rpm on CBL Mariner 2.0 x64
• busybox-1.35.0-2.cm2.aarch64.rpm on CBL Mariner 2.0 ARM
• busybox-petitboot-1.35.0-2.cm2.aarch64.rpm on CBL Mariner 2.0 ARM
• busybox-debuginfo-1.35.0-2.cm2.aarch64.rpm on CBL Mariner 2.0 ARM
• busybox-1.36.1-5.azl3.x86_64.rpm on Azure Linux 3.0 x64
• busybox-petitboot-1.36.1-5.azl3.x86_64.rpm on Azure Linux 3.0 x64
• busybox-1.36.1-5.azl3.aarch64.rpm on Azure Linux 3.0 ARM
• busybox-petitboot-1.36.1-5.azl3.aarch64.rpm on Azure Linux 3.0 ARM

Revision History

• 2022-04-13: Information published.
• 2022-04-14: Added busybox to CBL-Mariner 1.0
• 2024-06-30: Information published.