Information on source package radare2

Available versions

ReleaseVersion
wheezy0.9-3
wheezy (security)0.9-3+deb7u3
jessie0.9.6-3.1+deb8u1
stretch1.1.0+dfsg-5
buster2.1.0+dfsg-1
sid2.1.0+dfsg-1

Open issues

BugwheezyjessiestretchbustersidDescription
CVE-2017-9949vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 ...
CVE-2017-9763vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe grub_ext2_read_block function in fs/ext2.c in GNU GRUB before ...
CVE-2017-9762vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows ...
CVE-2017-9761vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remote ...
CVE-2017-9520vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe r_config_set function in libr/config/config.c in radare2 1.5.0 ...
CVE-2017-7946vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 ...
CVE-2017-6448fixedvulnerable (no DSA)fixedfixedfixedThe dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 ...
CVE-2017-6197fixedvulnerable (no DSA)fixedfixedfixedThe r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 ...
CVE-2017-16805fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedIn radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a ...
CVE-2017-16359fixedfixedvulnerable (no DSA)fixedfixedIn radare 2.0.1, a pointer wraparound vulnerability exists in ...
CVE-2017-16357fixedfixedvulnerable (no DSA)fixedfixedIn radare 2.0.1, a memory corruption vulnerability exists in ...
CVE-2017-15932fixedfixedvulnerable (no DSA)fixedfixedIn radare2 2.0.1, an integer exception (negative number leading to an ...
CVE-2017-15931fixedfixedvulnerable (no DSA)fixedfixedIn radare2 2.0.1, an integer exception (negative number leading to an ...
CVE-2017-15385fixedfixedvulnerable (no DSA)fixedfixedThe store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c ...
CVE-2017-10929fixedvulnerable (no DSA)vulnerable (no DSA)fixedfixedThe grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 ...
CVE-2015-2305vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedInteger overflow in the regcomp implementation in the Henry Spencer ...

Resolved issues

BugDescription
CVE-2017-7854The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote ...
CVE-2017-7716The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 ...
CVE-2017-7274The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 ...
CVE-2017-6415The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 ...
CVE-2017-6387The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 ...
CVE-2017-6319The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 ...
CVE-2017-6194The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows ...
CVE-2017-16358In radare 2.0.1, an out-of-bounds read vulnerability exists in ...
CVE-2017-15368The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 ...

Security announcements

DSA / DLADescription
DLA-1016-1radare2 - security update
DLA-901-1radare2 - security update
DLA-837-1radare2 - security update

Search for package or bug name: Reporting problems