Integer Overflow in get_next_block function in BusyBox 1.27.2

Integer Overflow in get_next_block function in BusyBox 1.27.2

CVE-2017-15873 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.

Learn more about our Web Application Penetration Testing UK.