A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. https://bugs.busybox.net/show_bug.cgi?id=14781
Created busybox tracking bugs for this issue: Affects: fedora-34 [bug 2089282] Affects: fedora-35 [bug 2089281]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-30065