Updated radare2 packages fix security vulnerabilities

2020-02-2500:44:46

Gentoo Foundation

advisories.mageia.org

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.024

Percentile

89.9%

JSON

Updated radare2 packages fix security vulnerabilities: A vulnerability was found in radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the buffer tokens, which can be filled with arbitrary malicious data after the free. This allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted input (CVE-2019-19590). radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted input (CVE-2019-19647). The radare2 package has been updated to version 4.2.1, fixing these issues and other bugs. Also, the radare2-cutter package has been updated to version 1.10.1.

OSVersionArchitecturePackageVersionFilename
Mageia7noarchradare2< 4.2.1-1radare2-4.2.1-1.mga7
Mageia7noarchradare2-cutter< 1.10.1-1radare2-cutter-1.10.1-1.mga7