CVE-2018-20461 (NVD)

2018-12-25

In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file.

Products Radare2
Type Out-of-bounds Read (CWE-125)
First patch https://github.com/radare/radare2/commit/a1bc65c3db593530775823d6d7506a457ed95267
Relevant file/s ./libr/core/cmd_anal.c (modified, +11, -5)
Links https://github.com/radare/radare2/issues/12375

radare2 - Tree: a1bc65c3db

(? files)

Filter Settings
Files
Navigation
Patch data:

(on by default)


Patched area: