Описание
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| devel | needs-triage | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-apps/xenial | needs-triage |
Показывать по
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c.
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers ...
The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c.
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3