PT-2021-11005 · Unknown · Radare2-Extras
Jjy-Sec
·
Published
2021-07-14
·
Updated
2022-10-26
·
CVE-2020-24133
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions:
Radare2-extras versions before commit e74a93c
Description:
A heap buffer overflow vulnerability in the
r asm swf disass function allows attackers to execute arbitrary code or carry out denial of service (DOS) attacks.Recommendations:
For versions before commit e74a93c, update to a version that includes the fix for the heap buffer overflow vulnerability in the
r asm swf disass function. As a temporary workaround, consider disabling the r asm swf disass function until a patch is available.Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Radare2-Extras