CVE-2022-0173
Out-of-bounds Read in radareorg/radare2
In short
radare2 has a flaw that allows reading memory beyond its intended boundaries, potentially exposing sensitive data or causing the program to crash. This occurs when the software processes specially crafted input without proper validation.
Technical detail
Out-of-bounds read vulnerability (CWE-125) in radare2 allows an attacker to read memory outside allocated buffers by providing malformed input. The vulnerability requires local or remote input processing depending on the attack vector, and impacts confidentiality through information disclosure or availability through denial of service.
Summary generated and translated by AI from the official description.
radare2 is vulnerable to Out-of-bounds Read
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected products
radareorg · radareorg/radare2
References
https://github.com/radareorg/radare2/commit/37897226a1a31f982bfefdc4aeefc2e50355c73c
https://huntr.dev/bounties/727d8600-88bc-4dde-8dea-ee3d192600e5
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IQIRJ72UALGMSWH6MYPVJQQLXFGZ23RS/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SKGIB52R4XPCPNEW6GF56EHW7ST24IJU/