CVE-2022-34520 - Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_

CVE-2022-34520

Summary

Radare2 v5.7.2 was discovered to contain a NULL pointer dereference via the function r_bin_file_xtr_load_buffer at bin/bfile.c. This vulnerability allows attackers to cause a Denial of Service (DOS) via a crafted binary file.

References

https://github.com/radareorg/radare2/issues/20354

Vulnerable Configurations

cpe:2.3:a:radare:radare2:5.7.2:*:*:*:*:*:*:*
cpe:2.3:a:radare:radare2:5.7.2:*:*:*:*:*:*:*

CVSS

Base:	None
Impact:
Exploitability:

CWE

CWE-476

CAPEC

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

29-07-2022 - 01:49

Published

22-07-2022 - 15:15

Last modified

29-07-2022 - 01:49