[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249461

 
 

909

 
 

195508

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

CVE-2017-16357 -- radare2

ID: oval:org.secpod.oval:def:2000729Date: (C)2019-06-03   (M)2021-06-02
Class: VULNERABILITYFamily: unix




In radare 2.0.1, a memory corruption vulnerability exists in store_versioninfo_gnu_verdef and store_versioninfo_gnu_verneed in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This error is due to improper sh_size validation when allocating memory.

Platform:
Debian 9.x
Product:
radare2
Reference:
CVE-2017-16357
CVE    1
CVE-2017-16357
CPE    2
cpe:/a:radare:radare2
cpe:/o:debian:debian_linux:9.x

© SecPod Technologies