Lucene search

FedoraCVELIST:CVE-2021-32613

HistoryMay 14, 2021 - 12:11 p.m.

CVE-2021-32613

2021-05-1412:11:40

CWE-416

fedora

www.cve.org

radare2 5.3.0 dos vulnerability

AI Score

5.8

Confidence

High

EPSS

0.002

Percentile

52.6%

JSON

In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS.

CNA Affected

[
  {
    "product": "radare2",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "radare2 versions before and including 5.3.0"
      }
    ]
  }
]

References

bugzilla.redhat.com/show_bug.cgi?id=1959939

github.com/radareorg/radare2/commit/5e16e2d1c9fe245e4c17005d779fde91ec0b9c05

github.com/radareorg/radare2/commit/a07dedb804a82bc01c07072861942dd80c6b6d62

github.com/radareorg/radare2/issues/18666

github.com/radareorg/radare2/issues/18667

github.com/radareorg/radare2/issues/18679

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3LPB5VGCIA7WA55FSB3YZQFUGZKWD7O/

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3S7JB46PONPHXZHIMR2XDPLGJCN5ZIX/