SB2019010848 - Fedora 29 update for radare2

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019010848

SB2019010848 - Fedora 29 update for radare2

Published: January 8, 2019 Updated: April 24, 2025

Security Bulletin ID SB2019010848
Severity
Medium
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Medium 57% Low 43%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 secuirty vulnerabilities.


1) Stack-based buffer overflow (CVE-ID: CVE-2018-20455)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing a stack-based buffer overflow) by crafting an input file, a related issue to CVE-2018-20456. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


2) Stack-based buffer overflow (CVE-ID: CVE-2018-20456)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing a stack-based buffer over-read) by crafting an input file, a related issue to CVE-2018-20455. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


3) Out-of-bounds read (CVE-ID: CVE-2018-20457)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the assemble() function inside libr/asm/p/asm_arm_cs. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and perform a denial of service (DoS) attack.


4) Out-of-bounds read (CVE-ID: CVE-2018-20458)

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/mach0/dyldcache.c may allow attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting an input file.


5) Out-of-bounds read (CVE-ID: CVE-2018-20459)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the armass_assemble() function in libr/asm/arch/arm/armass.c. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and perform a denial of service (DoS) attack.


6) Buffer overflow (CVE-ID: CVE-2018-20460)

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service (application crash caused by stack-based buffer overflow) by crafting an input file.


7) Out-of-bounds read (CVE-ID: CVE-2018-20461)

The vulnerability allows a local non-authenticated attacker to perform a denial of service (DoS) attack.

In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file.


Remediation

Install update from vendor's website.

References