exploitDog

CVE-2023-47016

Опубликовано: 22 нояб. 2023

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.

Ссылки

https://gist.github.com/gandalf4a/65705be4f84269cb7cd725a1d4ab2ffa
Exploit
Third Party Advisory
https://github.com/radareorg/radare2/commit/40c9f50e127be80b9d816bce2ab2ee790831aefd
Patch
https://github.com/radareorg/radare2/issues/22349
Exploit
Patch
https://gist.github.com/gandalf4a/65705be4f84269cb7cd725a1d4ab2ffa
Exploit
Third Party Advisory
https://github.com/radareorg/radare2/commit/40c9f50e127be80b9d816bce2ab2ee790831aefd
Patch
https://github.com/radareorg/radare2/issues/22349
Exploit
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:*

Версия до 5.9.0 (исключая)

EPSS

Процентиль: 39%

0.00179

Низкий

7.5 High

CVSS3

Дефекты

CWE-787

CWE-787

Связанные уязвимости

CVE-2023-47016

CVSS3: 7.5

ubuntu

около 2 лет назад

radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.

CVE-2023-47016

CVSS3: 7.5

debian

около 2 лет назад

radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in l ...

GHSA-xqp4-mm4v-p6r4

CVSS3: 7.5

github

около 2 лет назад

radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.

EPSS

Процентиль: 39%

0.00179

Низкий

7.5 High

CVSS3

Дефекты

CWE-787

CWE-787