4 matches found
Code injection
The rstrbuffini function in radare2 2.5.0 allows remote attackers to cause a denial of service invalid free and application crash via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/analavr.c...
CVE-2018-11383
The rstrbuffini function in radare2 2.5.0 allows remote attackers to cause a denial of service invalid free and application crash via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/analavr.c...
CVE-2018-11383
CVE-2018-11383 affects radare2 up to version 2.5.0, where the r_strbuf_fini() function may crash the application or cause an invalid free via a crafted ELF file due to an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c. The vulnerability is confirmed across multiple sources; ...
CVE-2018-11383
The rstrbuffini function in radare2 2.5.0 allows remote attackers to cause a denial of service invalid free and application crash via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/analavr.c...