Published: 25/05/2022 Updated: 03/06/2022

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser.

Vulnerable Product	Search on Vulmon	Subscribe to Product
radare radare2

Debian Bug report logs - #1014490 radare2: CVE-2021-44975 CVE-2021-44974 CVE-2021-4021 Package: src:radare2; Maintainer for src:radare2 is Debian Security Tools <team+pkg-security@trackerdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Wed, 6 Jul 2022 20:57:02 UTC Severity: important Tags: securi ...

NULL Pointer Dereference via libr/bin/p/bin_symbolsc binary symbol parser ...

Self - explanatory, dump of the public vulnerabilities I've discovered.

Public Vulnerabilities Public vulnerabilities I discovered Vulnerability Reference Project CVE NULL Pointer dereference while parsing xnu kernelcache files in radare2 < 555 Writeup radare2 CVE-2022-0419 NULL pointer dereference in symbols function while parsing the symbols of an executable radare2 < 550 Issue radare2 CVE-2021-44974 Heap buffer over

CWE-476 https://census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2/https://github.com/radareorg/radare2/issues/19478 http://www.openwall.com/lists/oss-security/2022/05/25/1 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014490 https://nvd.nist.gov https://github.com/0xShad3/vulnerabilities https://security.archlinux.org/CVE-2021-44974

CVE-2021-44974

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect