radareorg/radare2 is vulnerable to denial of service. The vulnerability exists due to a NULL Pointer Dereference in bin_xnu_kernelcache.c allowing an attacker to crash the system by setting the cache_buf pointer
in obj
to NULL.
www.openwall.com/lists/oss-security/2022/05/25/1
census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2/
github.com/radareorg/radare2/commit/feaa4e7f7399c51ee6f52deb84dc3f795b4035d6
huntr.dev/bounties/1f84e79d-70e7-4b29-8b48-a108f81c89aa
huntr.dev/bounties/1f84e79d-70e7-4b29-8b48-a108f81c89aa/
lists.fedoraproject.org/archives/list/[email protected]/message/IQIRJ72UALGMSWH6MYPVJQQLXFGZ23RS/
lists.fedoraproject.org/archives/list/[email protected]/message/SKGIB52R4XPCPNEW6GF56EHW7ST24IJU/