CVE-2021-32494

2023-07-0719:15:09

CWE-369

[email protected]

web.nvd.nist.gov

cve-2021-32494

radare2

division by zero

vulnerability

mach-o parser

rebase_buffer

denial of service

nvd

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

23.7%

JSON

Radare2 has a division by zero vulnerability in Mach-O parser’s rebase_buffer function. This allow attackers to create malicious inputs that can cause denial of service.

Affected configurations

NVD

Node

radareradare2Match5.3.0

CPENameOperatorVersion
radare:radare2radare radare2eq5.3.0

CPE	Name	Operator	Version
radare:radare2	radare radare2	eq	5.3.0

CNA Affected

[
  {
    "vendor": "radare2",
    "product": "radare2",
    "versions": [
      {
        "status": "affected",
        "version": "5.3.0-git 26142"
      }
    ],
    "defaultStatus": "unaffected"
  }
]