CVE-2019-12865Double Free in Radare2

CWE-415Double Free7 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.3%
top 45.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Debian Radare2Radare Radare2
Timeline
PublishedJun 17
Latest updateMay 24

Description

In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a double free for the ms command.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

debiandebian/radare2< radare2 3.8.0+dfsg-1 (sid)
NVDradare/radare23.5.1

🔴Vulnerability Details

2
GHSA
GHSA-4vc4-pm9p-xmjm: In radare2 through 32022-05-24
OSV
CVE-2019-12865: In radare2 through 32019-06-17

📋Vendor Advisories

1
Debian
CVE-2019-12865: radare2 - In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a double free f...2019

💬Community

3
Bugzilla
CVE-2019-12865 radare2: double free in cmd_mount in libr/core/cmd_mount.c [fedora-all]2019-07-01
Bugzilla
CVE-2019-12865 radare2: double free in cmd_mount in libr/core/cmd_mount.c [epel-7]2019-07-01
Bugzilla
CVE-2019-12865 radare2: double free in cmd_mount in libr/core/cmd_mount.c2019-07-01