Описание
In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| radare2 | fixed | 2.6.0+dfsg-1 | package | |
| radare2 | no-dsa | jessie | package | |
| radare2 | no-dsa | wheezy | package |
Примечания
https://github.com/radare/radare2/issues/9725
https://github.com/radare/radare2/commit/a88069940950999d5e2fd16cd7d16c7e956bf516
EPSS
Связанные уязвимости
In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file.
In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file.
In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file.
EPSS