All errata/sisyphus_loongarch64/ALT-PU-2024-4889-1
ALT-PU-2024-4889-1

Package update radare2 in branch sisyphus_loongarch64

Version5.9.0-alt1
Task#0
Published2024-04-01
Max severityCRITICAL
Severity:

Closed issues (5)

CVE-2023-4322
CRITICAL9.8

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

Published: 2023-08-14Modified: 2024-11-21
CVSS 3.xCRITICAL 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
CVE-2023-46569
CRITICAL9.8

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.

Published: 2023-10-28Modified: 2024-11-21
CVSS 3.xCRITICAL 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
CVE-2023-46570
CRITICAL9.8

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.

Published: 2023-10-28Modified: 2024-11-21
CVSS 3.xCRITICAL 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
CVE-2023-47016
HIGH7.5

radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.

Published: 2023-11-22Modified: 2024-11-21
CVSS 3.xHIGH 7.5
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References
CVE-2023-5686
HIGH8.8

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

Published: 2023-10-20Modified: 2024-11-21
CVSS 3.xHIGH 8.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References