Gsharpsh00Ter

Name of the Vulnerable Software and Affected Versions: graphite2 version 1.3.11 Description: A NULL pointer dereference issue was discovered in Segment.cpp during a dumbRendering operation. This may allow attackers to cause a denial of service or possibly have other unspecified impacts via a crafted .ttf file. Recommendations: For graphite2 version 1.3.11, consider avoiding the use of crafted .ttf files until a patch is available. As a temporary workaround, restrict access to the dumbRendering operation in Segment.cpp to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** radare2 version 2.0.1 **Description** A memory corruption issue exists due to improper sh size validation when allocating memory. This is demonstrated by an invalid free in the store versioninfo gnu verdef() and store versioninfo gnu verneed() functions in libr/bin/format/elf/elf.c. **Recommendations** For radare2 version 2.0.1, as a temporary workaround, consider restricting access to the affected functions store versioninfo gnu verdef() and store versioninfo gnu verneed() until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** radare2 version 2.0.1 **Description** An out-of-bounds read issue exists in the string scan range() function in libr/bin/bin.c when performing a string search. **Recommendations** For radare2 version 2.0.1, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** radare2 version 2.0.1 **Description** A pointer wraparound issue exists in the store versioninfo gnu verdef() function in libr/bin/format/elf/elf.c. **Recommendations** For radare2 version 2.0.1, consider updating to a newer version that contains a fix for this issue, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** radare2 version 2.0.1 **Description** The issue exists in the store versioninfo gnu verneed() function in libr/bin/format/elf/elf.c, where an integer exception occurs due to a negative number leading to an invalid memory access. This can be triggered via crafted ELF files on 32-bit systems. **Recommendations** For radare2 version 2.0.1, consider updating to a newer version that contains a fix for this issue, as no specific workaround is provided for this version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.