Information on source package radare2

Available versions

ReleaseVersion
trixie5.9.0+dfsg-2
sid5.9.2+dfsg-1

Resolved issues

BugDescription
CVE-2024-26475An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5 ...
CVE-2023-47016radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in l ...
CVE-2023-46570An out-of-bounds read in radare2 v.5.8.9 and before exists in the prin ...
CVE-2023-46569An out-of-bounds read in radare2 v.5.8.9 and before exists in the prin ...
CVE-2023-27114radare2 v5.8.3 was discovered to contain a segmentation fault via the ...
CVE-2023-5686Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...
CVE-2023-4322Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...
CVE-2023-1605Denial of Service in GitHub repository radareorg/radare2 prior to 5.8. ...
CVE-2023-0302Failure to Sanitize Special Elements into a Different Plane (Special E ...
CVE-2022-34520Radare2 v5.7.2 was discovered to contain a NULL pointer dereference vi ...
CVE-2022-34502Radare2 v5.7.0 was discovered to contain a heap buffer overflow via th ...
CVE-2022-28073A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4. ...
CVE-2022-28072A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4 ...
CVE-2022-28071A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5 ...
CVE-2022-28070A null pointer deference in __core_anal_fcn function in radare2 5.4.2 ...
CVE-2022-28069A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.
CVE-2022-28068A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4. ...
CVE-2022-4843NULL Pointer Dereference in GitHub repository radareorg/radare2 prior ...
CVE-2022-4398Integer Overflow or Wraparound in GitHub repository radareorg/radare2 ...
CVE-2022-1899Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7 ...
CVE-2022-1809Access of Uninitialized Pointer in GitHub repository radareorg/radare2 ...
CVE-2022-1714Out-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7 ...
CVE-2022-1649Null pointer dereference in libr/bin/format/mach0/mach0.c in radareorg ...
CVE-2022-1452Out-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function i ...
CVE-2022-1451Out-of-bounds Read in r_bin_java_constant_value_attr_new function in G ...
CVE-2022-1444heap-use-after-free in GitHub repository radareorg/radare2 prior to 5. ...
CVE-2022-1437Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...
CVE-2022-1383Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...
CVE-2022-1382NULL Pointer Dereference in GitHub repository radareorg/radare2 prior ...
CVE-2022-1297Out-of-bounds Read in r_bin_ne_get_entrypoints function in GitHub repo ...
CVE-2022-1296Out-of-bounds read in `r_bin_ne_get_relocs` function in GitHub reposit ...
CVE-2022-1284heap-use-after-free in GitHub repository radareorg/radare2 prior to 5. ...
CVE-2022-1283NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHu ...
CVE-2022-1244heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5 ...
CVE-2022-1240Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub reposi ...
CVE-2022-1238Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository ra ...
CVE-2022-1237Improper Validation of Array Index in GitHub repository radareorg/rada ...
CVE-2022-1207Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6 ...
CVE-2022-1061Heap Buffer Overflow in parseDragons in GitHub repository radareorg/ra ...
CVE-2022-1052Heap Buffer Overflow in iterate_chained_fixups in GitHub repository ra ...
CVE-2022-1031Use After Free in op_is_set_bp in GitHub repository radareorg/radare2 ...
CVE-2022-0849Use After Free in r_reg_get_name_idx in GitHub repository radareorg/ra ...
CVE-2022-0713Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...
CVE-2022-0712NULL Pointer Dereference in GitHub repository radareorg/radare2 prior ...
CVE-2022-0695Denial of Service in GitHub repository radareorg/radare2 prior to 5.6. ...
CVE-2022-0676Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...
CVE-2022-0559Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.
CVE-2022-0523Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.
CVE-2022-0521Access of Memory Location After End of Buffer in GitHub repository rad ...
CVE-2022-0519Buffer Access with Incorrect Length Value in GitHub repository radareo ...
CVE-2022-0518Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...
CVE-2022-0476Denial of Service in GitHub repository radareorg/radare2 prior to 5.6. ...
CVE-2022-0419NULL Pointer Dereference in GitHub repository radareorg/radare2 prior ...
CVE-2022-0173radare2 is vulnerable to Out-of-bounds Read
CVE-2022-0139Use After Free in GitHub repository radareorg/radare2 prior to 5.6.0.
CVE-2021-44975radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/cor ...
CVE-2021-44974radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Derefere ...
CVE-2021-32613In radare2 through 5.3.0 there is a double free vulnerability in the p ...
CVE-2021-32495Radare2 has a use-after-free vulnerability in pyc parser's get_none_ob ...
CVE-2021-32494Radare2 has a division by zero vulnerability in Mach-O parser's rebase ...
CVE-2021-4021A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0 ...
CVE-2021-3673A vulnerability was found in Radare2 in version 5.3.1. Improper input ...
CVE-2020-27795A segmentation fault was discovered in radare2 with adf command. In li ...
CVE-2020-27794A double free issue was discovered in radare2 in cmd_info.c:cmd_info() ...
CVE-2020-27793An off-by-one overflow flaw was found in radare2 due to mismatched arr ...
CVE-2020-17487radare2 4.5.0 misparses signature information in PE files, causing a s ...
CVE-2020-16269radare2 4.5.0 misparses DWARF information in executable files, causing ...
CVE-2020-15121In radare2 before version 4.5.0, malformed PDB file names in the PDB s ...
CVE-2019-19647radare2 through 4.0.0 lacks validation of the content variable in the ...
CVE-2019-19590In radare2 through 4.0, there is an integer overflow for the variable ...
CVE-2019-16718In radare2 before 3.9.0, a command injection vulnerability exists in b ...
CVE-2019-14745In radare2 before 3.7.0, a command injection vulnerability exists in b ...
CVE-2019-12865In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a dou ...
CVE-2019-12829radare2 through 3.5.1 mishandles the RParse API, which allows remote a ...
CVE-2019-12802In radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lan ...
CVE-2019-12790In radare2 through 3.5.1, there is a heap-based buffer over-read in th ...
CVE-2018-20461In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c all ...
CVE-2018-20460In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch ...
CVE-2018-20459In radare2 through 3.1.3, the armass_assemble function in libr/asm/arc ...
CVE-2018-20458In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/ ...
CVE-2018-20457In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_ ...
CVE-2018-20456In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p ...
CVE-2018-20455In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p ...
CVE-2018-19843opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attack ...
CVE-2018-19842getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows att ...
CVE-2018-15834In radare2 before 2.9.0, a heap overflow vulnerability exists in the r ...
CVE-2018-14017The r_bin_java_annotation_new function in shlr/java/class.c in radare2 ...
CVE-2018-14016The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7. ...
CVE-2018-14015The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote ...
CVE-2018-12322There is a heap out of bounds read in radare2 2.6.0 in _6502_op() in l ...
CVE-2018-12321There is a heap out of bounds read in radare2 2.6.0 in java_switch_op( ...
CVE-2018-12320There is a use after free in radare2 2.6.0 in r_anal_bb_free() in libr ...
CVE-2018-11384The sh_op() function in radare2 2.5.0 allows remote attackers to cause ...
CVE-2018-11383The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers ...
CVE-2018-11382The _inst__sts() function in radare2 2.5.0 allows remote attackers to ...
CVE-2018-11381The string_scan_range() function in radare2 2.5.0 allows remote attack ...
CVE-2018-11380The parse_import_ptr() function in radare2 2.5.0 allows remote attacke ...
CVE-2018-11379The get_debug_info() function in radare2 2.5.0 allows remote attackers ...
CVE-2018-11378The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly ha ...
CVE-2018-11377The avr_op_analyze() function in radare2 2.5.0 allows remote attackers ...
CVE-2018-11376The r_read_le32() function in radare2 2.5.0 allows remote attackers to ...
CVE-2018-11375The _inst__lds() function in radare2 2.5.0 allows remote attackers to ...
CVE-2018-10187In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik ...
CVE-2018-10186In radare2 2.5.0, there is a heap-based buffer over-read in the r_hex_ ...
CVE-2018-8810In radare2 2.4.0, there is a heap-based buffer over-read in the get_iv ...
CVE-2018-8809In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik ...
CVE-2018-8808In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_ ...
CVE-2017-16805In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a ...
CVE-2017-16359In radare 2.0.1, a pointer wraparound vulnerability exists in store_ve ...
CVE-2017-16358In radare 2.0.1, an out-of-bounds read vulnerability exists in string_ ...
CVE-2017-16357In radare 2.0.1, a memory corruption vulnerability exists in store_ver ...
CVE-2017-15932In radare2 2.0.1, an integer exception (negative number leading to an ...
CVE-2017-15931In radare2 2.0.1, an integer exception (negative number leading to an ...
CVE-2017-15385The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c ...
CVE-2017-15368The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 al ...
CVE-2017-10929The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 al ...
CVE-2017-9949The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 al ...
CVE-2017-9763The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013 ...
CVE-2017-9762The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows ...
CVE-2017-9761The find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remot ...
CVE-2017-9520The r_config_set function in libr/config/config.c in radare2 1.5.0 all ...
CVE-2017-7946The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 ...
CVE-2017-7854The consume_init_expr function in wasm.c in radare2 1.3.0 allows remot ...
CVE-2017-7716The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 a ...
CVE-2017-7274The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 ...
CVE-2017-6448The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 ...
CVE-2017-6415The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1 ...
CVE-2017-6387The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 all ...
CVE-2017-6319The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1 ...
CVE-2017-6197The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 all ...
CVE-2017-6194The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows r ...
CVE-2015-2305Integer overflow in the regcomp implementation in the Henry Spencer BS ...

Security announcements

DSA / DLADescription
DLA-1016-1radare2 - security update
DLA-901-1radare2 - security update
DLA-837-1radare2 - security update

Search for package or bug name: Reporting problems