Integer Overflow in radare2 Affects Multiple Versions
CVE-2019-19590

7.8HIGH

Key Information:

Vendor

Radare

Status
Radare2
Vendor
CVE Published:
5 December 2019

What is CVE-2019-19590?

In radare2, the versions up to 4.0 are susceptible to an integer overflow in the function r_asm_massemble within libr/asm/asm.c. This flaw arises from improper handling of the variable new_token_size, which can lead to a Use-After-Free scenario for tokens. As a result, an attacker could exploit this vulnerability to inject arbitrary data, potentially leading to a denial of service through application crashes or even executing malicious code through specially crafted inputs.

References

https://github.com/radareorg/radare2/issues/15543
x_refsource_MISC
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.