Lucene search

@huntrdevCVELIST:CVE-2022-0559

HistoryFeb 16, 2022 - 10:15 a.m.

CVE-2022-0559 Use After Free in radareorg/radare2

2022-02-1610:15:11

CWE-416

@huntrdev

www.cve.org

radareorg repository github useafterfree prior to 5.6.2

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.003

Percentile

69.9%

JSON

Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.

CNA Affected

[
  {
    "product": "radareorg/radare2",
    "vendor": "radareorg",
    "versions": [
      {
        "lessThan": "5.6.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/radareorg/radare2/commit/b5cb90b28ec71fda3504da04e3cc94a362807f5e

huntr.dev/bounties/aa80adb7-e900-44a5-ad05-91f3ccdfc81e

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/

CVSS3

8.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.003

Percentile

69.9%

JSON

Related for CVELIST:CVE-2022-0559