Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in radareorg radare2 allows Overflow Buffers.This issue affects radare2: before <5.9.9.
The vulnerability (CWE-119, CWE-120) consists of improper restriction of operations performed within the memory buffer, leading to its overflow. An attacker can provide crafted input data that exceeds the allocated buffer, overwriting adjacent memory areas. The lack of privilege requirements (PR:N) and user interaction requirements (UI:N) means the attack can be conducted remotely over the network without any preconditions.
An attacker can gain full control over the vulnerable system, including the ability to read and modify data (VC:H, VI:H) and cause service unavailability (VA:H). The vulnerability may also affect related systems (SC:H, SI:H, SA:H), threatening takeover of infrastructure beyond the direct target of the attack.
radare2 should be updated to version 5.9.9 or newer. A patch is available in the project repository (pull request #23981 on GitHub). Priority implementation of the update is recommended, especially in environments where radare2 processes files or data from untrusted sources.
All radare2 versions (radareorg/radare2) older than 5.9.9.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XRadare Radare2
APPRadare≤ 5.9.8
Related vulnerabilities
Krytyczny Out-of-bounds Write (heap buffer overflow) w Radare2
Buffer Overflow w Radare2 umożliwiający wykonanie dowolnego kodu (RCE)
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds...
An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/n...
Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.