Note:
This project will be discontinued after December 13, 2021. [more]
2018-12-25
In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service (application crash caused by stack-based buffer overflow) by crafting an input file.
Products | Radare2 |
Type | Out-of-bounds Write (CWE-787) |
First patch |
https://github.com/radare/radare2/commit/df167c7db545953bb7f71c72e98e7a3ca0c793bf |
Relevant file/s | ./libr/asm/arch/arm/armass64.c (modified, +4) |
Links | https://github.com/radare/radare2/issues/12376 |
Navigation
Patch data:
Patched area:
(on by default)
Patched area: