A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.

Project Subscriptions

Vendors Products
Busybox Subscribe
Busybox Subscribe
Siemens Subscribe
Scalance Sc622-2c Subscribe
Scalance Sc622-2c Firmware Subscribe
Scalance Sc626-2c Subscribe
Scalance Sc626-2c Firmware Subscribe
Scalance Sc632-2c Subscribe
Scalance Sc632-2c Firmware Subscribe
Scalance Sc636-2c Subscribe
Scalance Sc636-2c Firmware Subscribe
Scalance Sc642-2c Subscribe
Scalance Sc642-2c Firmware Subscribe
Scalance Sc646-2c Subscribe
Scalance Sc646-2c Firmware Subscribe
Advisories
Source ID Title
EUVD EUVD EUVD-2022-35279 A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Tue, 07 Jul 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-07-07T18:25:51.824Z

Reserved: 2022-05-02T00:00:00.000Z

Link: CVE-2022-30065

cve-icon Vulnrichment

Updated: 2024-08-03T06:40:47.557Z

cve-icon NVD

Status : Modified

Published: 2022-05-18T15:15:10.240

Modified: 2026-06-17T04:43:02.373

Link: CVE-2022-30065

cve-icon Redhat

Severity : Moderate

Publid Date: 2022-05-18T00:00:00Z

Links: CVE-2022-30065 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses