PT-2019-12971 · Radare2+1 · Radare2+1
Publicado
2019-06-15
·
Atualizado
2021-07-21
·
CVE-2019-12829
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
radare2 versions prior to 3.5.1
Description
The issue is related to the mishandling of the RParse API, which can be exploited by remote attackers to cause a denial of service, resulting in an application crash, or possibly have other unspecified impacts. This is demonstrated by newstr buffer overflows during replace operations, affecting specific files such as libr/asm/asm.c and libr/parse/parse.c.
Recommendations
For versions prior to 3.5.1, update to version 3.5.1 or later to resolve the issue.
Exploit
Correção
DoS
Memory Corruption
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Alt Linux
Radare2