Debian Radare2 vulnerabilities

154 known vulnerabilities affecting debian/radare2.

Total CVEs

154

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL14HIGH51MEDIUM42LOW47

Vulnerabilities

Page 4 of 8

CVE-2022-1284MEDIUMCVSS 5.5fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-1284 [MEDIUM] CVE-2022-1284: radare2 - heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This ... heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service. Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-0712MEDIUMCVSS 5.5fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-0712 [MEDIUM] CVE-2022-0712: radare2 - NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4. NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4. Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-1207MEDIUMCVSS 6.6fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-1207 [MEDIUM] CVE-2022-1207: radare2 - Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This v... Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary. Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-1649MEDIUMCVSS 5.5fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-1649 [MEDIUM] CVE-2022-1649: radare2 - Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 i... Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg/radare2 in GitHub repository radareorg/radare2 prior to 5.7.0. It is likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/476.html). Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-1383MEDIUMCVSS 6.1fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-1383 [MEDIUM] CVE-2022-1383: radare2 - Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.8... Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.8. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-34502MEDIUMCVSS 5.5fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-34502 [MEDIUM] CVE-2022-34502: radare2 - Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function... Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file. Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-0849MEDIUMCVSS 5.5fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-0849 [MEDIUM] CVE-2022-0849: radare2 - Use After Free in r_reg_get_name_idx in GitHub repository radareorg/radare2 prio... Use After Free in r_reg_get_name_idx in GitHub repository radareorg/radare2 prior to 5.6.6. Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-0419MEDIUMCVSS 5.5fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-0419 [MEDIUM] CVE-2022-0419: radare2 - NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0. NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0. Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-1444MEDIUMCVSS 5.5fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-1444 [MEDIUM] CVE-2022-1444: radare2 - heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. This ... heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. This vulnerability is capable of inducing denial of service. Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-1382MEDIUMCVSS 5.5fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-1382 [MEDIUM] CVE-2022-1382: radare2 - NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. ... NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system. Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-0695MEDIUMCVSS 5.5fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-0695 [MEDIUM] CVE-2022-0695: radare2 - Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-1283MEDIUMCVSS 5.5fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-1283 [MEDIUM] CVE-2022-1283: radare2 - NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub reposito... NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash). Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-1244MEDIUMCVSS 5.5fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-1244 [MEDIUM] CVE-2022-1244: radare2 - heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This... heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service. Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-0476MEDIUMCVSS 5.5fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-0476 [MEDIUM] CVE-2022-0476: radare2 - Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-0173MEDIUMCVSS 5.5fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-0173 [MEDIUM] CVE-2022-0173: radare2 - radare2 is vulnerable to Out-of-bounds Read radare2 is vulnerable to Out-of-bounds Read Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-34520MEDIUMCVSS 5.5fixed in radare2 5.9.0+dfsg-1 (sid)2022

CVE-2022-34520 [MEDIUM] CVE-2022-34520: radare2 - Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the func... Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) via a crafted binary file. Scope: local sid: resolved (fixed in 5.9.0+dfsg-1)

debian

CVE-2022-4843LOWCVSS 7.52022

CVE-2022-4843 [HIGH] CVE-2022-4843: radare2 - NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2. NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2. Scope: local sid: resolved

debian

CVE-2021-32495CRITICALCVSS 10.0fixed in radare2 5.5.0+dfsg-1 (sid)2021

CVE-2021-32495 [CRITICAL] CVE-2021-32495: radare2 - Radare2 has a use-after-free vulnerability in pyc parser's get_none_object funct... Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service. Scope: local sid: resolved (fixed in 5.5.0+dfsg-1)

debian

CVE-2021-32494CRITICALCVSS 10.0fixed in radare2 5.5.0+dfsg-1 (sid)2021

CVE-2021-32494 [CRITICAL] CVE-2021-32494: radare2 - Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer fu... Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow attackers to create malicious inputs that can cause denial of service. Scope: local sid: resolved (fixed in 5.5.0+dfsg-1)

debian

CVE-2021-3673HIGHCVSS 7.5fixed in radare2 5.5.0+dfsg-1 (sid)2021

CVE-2021-3673 [HIGH] CVE-2021-3673: radare2 - A vulnerability was found in Radare2 in version 5.3.1. Improper input validation... A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource exhaustion and DoS. Scope: local sid: resolved (fixed in 5.5.0+dfsg-1)

debian

← Previous4 / 8Next →