CVE-2022-1383

Published: Apr 18, 2022Modified: Nov 21, 2024

6.1

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

Exploitability: 1.8 / Impact: 4.2

Source: NVD

Description

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.8. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash.

Affected (1)

Products: Radare: Radare2

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Radare Radare2	Before 5.6.8

Related CWEs

Heap-based Buffer Overflow

A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (4)

https://github.com/radareorg/radare2/commit/1dd65336f0f0c351d6ea853efcf73cf9c0030862

Source: security@huntr.dev

PatchThird Party Advisory

https://huntr.dev/bounties/02b4b563-b946-4343-9092-38d1c5cd60c9

Source: security@huntr.dev

ExploitPatchThird Party Advisory

https://github.com/radareorg/radare2/commit/1dd65336f0f0c351d6ea853efcf73cf9c0030862

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://huntr.dev/bounties/02b4b563-b946-4343-9092-38d1c5cd60c9

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchThird Party Advisory

Timeline

No history available yet.