|
|
Subscribe / Log in / New account

Mageia alert MGASA-2020-0100 (radare2)

From:  Mageia Updates <buildsystem-daemon@mageia.org>
To:  updates-announce@ml.mageia.org
Subject:  [updates-announce] MGASA-2020-0100: Updated radare2 packages fix security vulnerabilities
Date:  Mon, 24 Feb 2020 22:45:49 +0100
Message-ID:  <20200224214549.6C2399F750@duvel.mageia.org>

MGASA-2020-0100 - Updated radare2 packages fix security vulnerabilities Publication date: 24 Feb 2020 URL: https://advisories.mageia.org/MGASA-2020-0100.html Type: security Affected Mageia releases: 7 CVE: CVE-2019-19590, CVE-2019-19647 Description: Updated radare2 packages fix security vulnerabilities: A vulnerability was found in radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the buffer tokens, which can be filled with arbitrary malicious data after the free. This allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted input (CVE-2019-19590). radare2 through 4.0.0 lacks validation of the content variable in the function r_asm_pseudo_incbin at libr/asm/asm.c, ultimately leading to an arbitrary write. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted input (CVE-2019-19647). The radare2 package has been updated to version 4.2.1, fixing these issues and other bugs. Also, the radare2-cutter package has been updated to version 1.10.1. References: - https://bugs.mageia.org/show_bug.cgi?id=26232 - https://lists.fedoraproject.org/archives/list/package-ann... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1... SRPMS: - 7/core/radare2-4.2.1-1.mga7 - 7/core/radare2-cutter-1.10.1-1.mga7


to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds