radare2 buffer overflow | CVE-2022-1714
NAME
radare2 buffer overflow
- Platforms Affected:
radare2 radare2 1.2.1
radare2 radare2 1.3.0
radare2 radare2 1.5.0
radare2 radare2 2.0.0
radare2 radare2 2.0.1
radare2 radare2 2.4.0
radare2 radare2 2.5.0
radare2 radare2 2.6.0
radare2 radare2 2.7.0
radare2 radare2 2.8.0
radare2 radare2 3.0.1
radare2 radare2 3.1.0
radare2 radare2 3.5.1
radare2 radare2 3.5.0
radare2 radare2 3.4.1
radare2 radare2 3.4.0
radare2 radare2 3.3.0
radare2 radare2 3.6.0
radare2 radare2 3.8.0
radare2 radare2 4.0
radare2 radare2 4.4.0
radare2 radare2 4.5.0
radare2 radare2 5.3.0
radare2 radare2 5.6.0
radare2 radare2 5.6.3
radare2 radare2 5.6.1
radare2 radare2 5.5.9
radare2 radare2 5.5.3
radare2 radare2 5.5.1
radare2 radare2 5.6.4
radare2 radare2 5.6.7
- Risk Level:
7.9
- Exploitability:
Proof of Concept
- Consequences:
Gain Access
DESCRIPTION
radare2 is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by msp430_op. By sending a specially-crafted request, a local authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service.
CVSS 3.0 Information
- Privileges Required: Low
- User Interaction: None
- Scope: Changed
- Access Vector: Local
- Access Complexity: Low
- Confidentiality Impact: Low
- Integrity Impact: High
- Availability Impact: Low
- Remediation Level: Official Fix
MITIGATION
Refer to the radare2 Git repository for patch, upgrade or suggested workaround information. See References.
- Reference Link:
https://huntr.dev/bounties/1c22055b-b015-47a8-a57b-4982978751d0/
- Reference Link:
https://github.com/radareorg/radare2/commit/3ecdbf8e21186a9c5a4d3cfa3b1e9fd27045340e