Information on source package radare2

Available versions

ReleaseVersion
sid5.5.0+dfsg-1

Open issues

BugsidDescription
CVE-2022-1899vulnerableOut-of-bounds Read in GitHub repository radareorg/radare2 prior to 5.7 ...
CVE-2022-1809vulnerableAccess of Uninitialized Pointer in GitHub repository radareorg/radare2 ...
CVE-2022-1714vulnerableHeap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...
CVE-2022-1649vulnerableNull pointer dereference in libr/bin/format/mach0/mach0.c in radareorg ...
CVE-2022-1452vulnerableOut-of-bounds Read in r_bin_java_bootstrap_methods_attr_new function i ...
CVE-2022-1451vulnerableOut-of-bounds Read in r_bin_java_constant_value_attr_new function in G ...
CVE-2022-1444vulnerableheap-use-after-free in GitHub repository radareorg/radare2 prior to 5. ...
CVE-2022-1437vulnerableHeap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...
CVE-2022-1383vulnerableHeap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...
CVE-2022-1382vulnerableNULL Pointer Dereference in GitHub repository radareorg/radare2 prior ...
CVE-2022-1297vulnerableOut-of-bounds Read in r_bin_ne_get_entrypoints function in GitHub repo ...
CVE-2022-1296vulnerableOut-of-bounds read in `r_bin_ne_get_relocs` function in GitHub reposit ...
CVE-2022-1284vulnerableheap-use-after-free in GitHub repository radareorg/radare2 prior to 5. ...
CVE-2022-1283vulnerableNULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHu ...
CVE-2022-1244vulnerableheap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5 ...
CVE-2022-1240vulnerableHeap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub reposi ...
CVE-2022-1238vulnerableHeap-based Buffer Overflow in libr/bin/format/ne/ne.c in GitHub reposi ...
CVE-2022-1237vulnerableImproper Validation of Array Index in GitHub repository radareorg/rada ...
CVE-2022-1207vulnerableOut-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6 ...
CVE-2022-1061vulnerableHeap Buffer Overflow in parseDragons in GitHub repository radareorg/ra ...
CVE-2022-1052vulnerableHeap Buffer Overflow in iterate_chained_fixups in GitHub repository ra ...
CVE-2022-1031vulnerableUse After Free in op_is_set_bp in GitHub repository radareorg/radare2 ...
CVE-2022-0849vulnerableUse After Free in r_reg_get_name_idx in GitHub repository radareorg/ra ...
CVE-2022-0713vulnerableHeap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...
CVE-2022-0712vulnerableNULL Pointer Dereference in GitHub repository radareorg/radare2 prior ...
CVE-2022-0695vulnerableDenial of Service in GitHub repository radareorg/radare2 prior to 5.6. ...
CVE-2022-0676vulnerableHeap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...
CVE-2022-0559vulnerableUse After Free in GitHub repository radareorg/radare2 prior to 5.6.2. ...
CVE-2022-0523vulnerableExpired Pointer Dereference in GitHub repository radareorg/radare2 pri ...
CVE-2022-0521vulnerableAccess of Memory Location After End of Buffer in GitHub repository rad ...
CVE-2022-0519vulnerableBuffer Access with Incorrect Length Value in GitHub repository radareo ...
CVE-2022-0518vulnerableHeap-based Buffer Overflow in GitHub repository radareorg/radare2 prio ...
CVE-2022-0476vulnerableDenial of Service in GitHub repository radareorg/radare2 prior to 5.6. ...
CVE-2022-0419vulnerableNULL Pointer Dereference in GitHub repository radareorg/radare2 prior ...
CVE-2022-0173vulnerableradare2 is vulnerable to Out-of-bounds Read ...
CVE-2022-0139vulnerableUse After Free in GitHub repository radareorg/radare2 prior to 5.6.0. ...
CVE-2021-44975vulnerableradareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/cor ...
CVE-2021-44974vulnerableradareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Derefere ...
CVE-2021-4021vulnerableA vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0 ...

Resolved issues

BugDescription
CVE-2021-32613In radare2 through 5.3.0 there is a double free vulnerability in the p ...
CVE-2021-3673A vulnerability was found in Radare2 in version 5.3.1. Improper input ...
CVE-2020-17487radare2 4.5.0 misparses signature information in PE files, causing a s ...
CVE-2020-16269radare2 4.5.0 misparses DWARF information in executable files, causing ...
CVE-2020-15121In radare2 before version 4.5.0, malformed PDB file names in the PDB s ...
CVE-2019-19647radare2 through 4.0.0 lacks validation of the content variable in the ...
CVE-2019-19590In radare2 through 4.0, there is an integer overflow for the variable ...
CVE-2019-16718In radare2 before 3.9.0, a command injection vulnerability exists in b ...
CVE-2019-14745In radare2 before 3.7.0, a command injection vulnerability exists in b ...
CVE-2019-12865In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a dou ...
CVE-2019-12829radare2 through 3.5.1 mishandles the RParse API, which allows remote a ...
CVE-2019-12802In radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lan ...
CVE-2019-12790In radare2 through 3.5.1, there is a heap-based buffer over-read in th ...
CVE-2018-20461In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c all ...
CVE-2018-20460In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch ...
CVE-2018-20459In radare2 through 3.1.3, the armass_assemble function in libr/asm/arc ...
CVE-2018-20458In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/ ...
CVE-2018-20457In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_ ...
CVE-2018-20456In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p ...
CVE-2018-20455In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p ...
CVE-2018-19843opmov in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attack ...
CVE-2018-19842getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows att ...
CVE-2018-15834In radare2 before 2.9.0, a heap overflow vulnerability exists in the r ...
CVE-2018-14017The r_bin_java_annotation_new function in shlr/java/class.c in radare2 ...
CVE-2018-14016The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7. ...
CVE-2018-14015The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote ...
CVE-2018-12322There is a heap out of bounds read in radare2 2.6.0 in _6502_op() in l ...
CVE-2018-12321There is a heap out of bounds read in radare2 2.6.0 in java_switch_op( ...
CVE-2018-12320There is a use after free in radare2 2.6.0 in r_anal_bb_free() in libr ...
CVE-2018-11384The sh_op() function in radare2 2.5.0 allows remote attackers to cause ...
CVE-2018-11383The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers ...
CVE-2018-11382The _inst__sts() function in radare2 2.5.0 allows remote attackers to ...
CVE-2018-11381The string_scan_range() function in radare2 2.5.0 allows remote attack ...
CVE-2018-11380The parse_import_ptr() function in radare2 2.5.0 allows remote attacke ...
CVE-2018-11379The get_debug_info() function in radare2 2.5.0 allows remote attackers ...
CVE-2018-11378The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly ha ...
CVE-2018-11377The avr_op_analyze() function in radare2 2.5.0 allows remote attackers ...
CVE-2018-11376The r_read_le32() function in radare2 2.5.0 allows remote attackers to ...
CVE-2018-11375The _inst__lds() function in radare2 2.5.0 allows remote attackers to ...
CVE-2018-10187In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik ...
CVE-2018-10186In radare2 2.5.0, there is a heap-based buffer over-read in the r_hex_ ...
CVE-2018-8810In radare2 2.4.0, there is a heap-based buffer over-read in the get_iv ...
CVE-2018-8809In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik ...
CVE-2018-8808In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_ ...
CVE-2017-16805In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a ...
CVE-2017-16359In radare 2.0.1, a pointer wraparound vulnerability exists in store_ve ...
CVE-2017-16358In radare 2.0.1, an out-of-bounds read vulnerability exists in string_ ...
CVE-2017-16357In radare 2.0.1, a memory corruption vulnerability exists in store_ver ...
CVE-2017-15932In radare2 2.0.1, an integer exception (negative number leading to an ...
CVE-2017-15931In radare2 2.0.1, an integer exception (negative number leading to an ...
CVE-2017-15385The store_versioninfo_gnu_verdef function in libr/bin/format/elf/elf.c ...
CVE-2017-15368The wasm_dis function in libr/asm/arch/wasm/wasm.c in radare2 2.0.0 al ...
CVE-2017-10929The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 al ...
CVE-2017-9949The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 al ...
CVE-2017-9763The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013 ...
CVE-2017-9762The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows ...
CVE-2017-9761The find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remot ...
CVE-2017-9520The r_config_set function in libr/config/config.c in radare2 1.5.0 all ...
CVE-2017-7946The get_relocs_64 function in libr/bin/format/mach0/mach0.c in radare2 ...
CVE-2017-7854The consume_init_expr function in wasm.c in radare2 1.3.0 allows remot ...
CVE-2017-7716The read_u32_leb128 function in libr/util/uleb128.c in radare2 1.3.0 a ...
CVE-2017-7274The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 ...
CVE-2017-6448The dalvik_disassemble function in libr/asm/p/asm_dalvik.c in radare2 ...
CVE-2017-6415The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1 ...
CVE-2017-6387The dex_loadcode function in libr/bin/p/bin_dex.c in radare2 1.2.1 all ...
CVE-2017-6319The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1 ...
CVE-2017-6197The r_read_* functions in libr/include/r_endian.h in radare2 1.2.1 all ...
CVE-2017-6194The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows r ...
CVE-2015-2305Integer overflow in the regcomp implementation in the Henry Spencer BS ...

Security announcements

DSA / DLADescription
DLA-1016-1radare2 - security update
DLA-901-1radare2 - security update
DLA-837-1radare2 - security update

Search for package or bug name: Reporting problems