Note:
This project will be discontinued after December 13, 2021. [more]
2018-09-12
In radare2 before 2.9.0, a heap overflow vulnerability exists in the read_module_referenced_functions function in libr/anal/flirt.c via a crafted flirt signature file.
| Products | Radare2 |
| Type | Out-of-bounds Write (CWE-787) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://github.com/radare/radare2/pull/11300
• https://github.com/radare/radare2/issues/11274 |