A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given. Reference: https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
Created busybox tracking bugs for this issue: Affects: fedora-all [bug 2023877]
This bug has new version update for 2023. As tested in the wild. Last 2monthsback Red Hat Bugzilla 2023-07-07 08:28:14 UTC Assignee: security-response-team → nobody