Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-20459

Опубликовано: 25 дек. 2018
Источник: nvd
CVSS3: 5.5
CVSS2: 4.3
EPSS Низкий

Описание

In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20457.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*
Версия до 3.1.3 (включая)

EPSS

Процентиль: 40%
0.00179
Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

ubuntu логотип

CVE-2018-20459

CVSS3: 5.5
ubuntu
около 7 лет назад

In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20457.

debian логотип

CVE-2018-20459

CVSS3: 5.5
debian
около 7 лет назад

In radare2 through 3.1.3, the armass_assemble function in libr/asm/arc ...

github логотип

GHSA-q3jx-mgc3-c89p

CVSS3: 5.5
github
больше 3 лет назад

In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20457.

EPSS

Процентиль: 40%
0.00179
Низкий

5.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-125