Radare ≫ Radare2

An issue in radare2 v5.8.0 through v5.9.4 allows a local attacker to cause a denial of service via the __bf_div function.

An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grub_sfs_read_extent function.

radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0.

A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.

A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.

A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0.