In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file.
References
Link | Resource |
---|---|
https://github.com/radare/radare2/issues/12375 | Exploit Third Party Advisory |
https://github.com/radare/radare2/commit/a1bc65c3db593530775823d6d7506a457ed95267 | Patch Third Party Advisory |
Configurations
Information
Published : 2018-12-25 11:29
Updated : 2018-12-31 06:15
NVD link : CVE-2018-20461
Mitre link : CVE-2018-20461
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
radare
- radare2