SB2022022417 - Multiple vulnerabilities in radare2
Published: February 24, 2022 Updated: February 25, 2022
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Heap-based buffer overflow (CVE-ID: CVE-2022-0713)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in r_read_le32. A remote attacker can trick a victim to open a specially crafted file, trigger heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
2) NULL pointer dereference (CVE-ID: CVE-2022-0712)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error. A remote attacker can trick a victim to open a specially crafted file and perform a denial of service (DoS) attack.
3) Resource exhaustion (CVE-ID: CVE-2022-0476)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources. A remote attacker can trick a victim to open a specially crafted mdmp file, trigger resource exhaustion and perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://huntr.dev/bounties/d35b3dff-768d-4a09-a742-c18ca8f56d3c
- https://github.com/radareorg/radare2/commit/a35f89f86ed12161af09330e92e5a213014e46a1
- https://github.com/radareorg/radare2/commit/515e592b9bea0612bc63d8e93239ff35bcf645c7
- https://huntr.dev/bounties/1e572820-e502-49d1-af0e-81833e2eb466
- https://github.com/radareorg/radare2/commit/27fe8031782d3a06c3998eaa94354867864f9f1b
- https://huntr.dev/bounties/81ddfbda-6c9f-4b69-83ff-85b15141e35d