getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (stack-based buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2.
References
Link | Resource |
---|---|
https://github.com/radare/radare2/issues/12239 | Exploit Third Party Advisory |
https://github.com/radare/radare2/commit/66191f780863ea8c66ace4040d0d04a8842e8432 | Patch Third Party Advisory |
Configurations
Information
Published : 2018-12-04 01:29
Updated : 2018-12-31 06:22
NVD link : CVE-2018-19842
Mitre link : CVE-2018-19842
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
radare
- radare2