CVE-2020-27795

Опубликовано: 19 авг. 2022

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command "adf" has no or wrong argument, anal_fcn_data (core, input + 1) --> RAnalFunction *fcn = r_anal_get_fcn_in (core->anal, core->offset, -1); returns null pointer for fcn causing segmentation fault later in ensure_fcn_range (fcn).

Ссылки

https://github.com/radareorg/radare2/commit/4d3811681a80f92a53e795f6a64c4b0fc2c8dd22
Patch
Third Party Advisory
https://github.com/radareorg/radare2/issues/16215
Exploit
Issue Tracking
Patch
Third Party Advisory
https://github.com/radareorg/radare2/pull/16230
Issue Tracking
Patch
Third Party Advisory
https://github.com/radareorg/radare2/commit/4d3811681a80f92a53e795f6a64c4b0fc2c8dd22
Patch
Third Party Advisory
https://github.com/radareorg/radare2/issues/16215
Exploit
Issue Tracking
Patch
Third Party Advisory
https://github.com/radareorg/radare2/pull/16230
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*

Версия до 4.4.0 (исключая)

EPSS

Процентиль: 65%

0.00501

Низкий

7.5 High

CVSS3

Дефекты

CWE-908

Связанные уязвимости

CVE-2020-27795

CVSS3: 7.5

ubuntu

больше 3 лет назад

CVE-2020-27795

CVSS3: 7.5

debian

больше 3 лет назад

A segmentation fault was discovered in radare2 with adf command. In li ...

GHSA-r23c-h6ff-98mj

CVSS3: 7.5

github

больше 3 лет назад

EPSS

Процентиль: 65%

0.00501

Низкий

7.5 High

CVSS3

Дефекты

CWE-908