← Back

CVE-2021-3673

nvd nist
Published: Aug 2, 2021Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource exhaustion and DoS.

Affected (4)

Radare
1 product
Radare2
Fedoraproject
1 product
Fedora
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Radare2
Version 5.3.1
Configuration B
3 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
Fedora
Version 33
Fedora
Version 34
Fedora
Version 35

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-252
Unchecked Return Value
The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

References (12)

Source: patrick@puiterwijk.org
ExploitIssue TrackingPatchThird Party Advisory
Source: patrick@puiterwijk.org
Source: patrick@puiterwijk.org
Source: patrick@puiterwijk.org
Source: patrick@puiterwijk.org
Source: patrick@puiterwijk.org
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitIssue TrackingPatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.