BusyBox v1.38 DoS via use-after-free in awk_sub (AWK)
CVE-2026-38753 Published on July 15, 2026
A use-after-free in the awk_sub() function (editors/awk.c) of Busybox v1.38.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted AWK script.
Products Associated with CVE-2026-38753
Want to know whenever a new CVE is published for Busybox? stack.watch will email you.