Segmentation Fault in radare2 Product by radareorg
CVE-2023-27114

5.5MEDIUM

Key Information:

Vendor: Radare
Status: Radare2
Vendor: CVE Published:; 10 March 2023

What is CVE-2023-27114?

A segmentation fault vulnerability has been identified in the radare2 tool version 5.8.3, specifically in the wasm_dis component located in the wasm.c file. This flaw occurs when the software does not adequately handle certain inputs, leading to an unexpected termination of the process. Users leveraging radare2 for reverse engineering tasks should be aware of this issue, as it may lead to service disruptions or potential information exposure. It's recommended to apply patches and updates provided by the vendor to mitigate any related risks.

References

https://github.com/radareorg/radare2/issues/21363

https://github.com/radareorg/radare2/commit/a15067a8eaa83...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 10, 2023
Vulnerability Reserved
Feb 27, 2023

CVE-2023-27114 Data

JSON

Radare

What is CVE-2023-27114?

References

CVSS V3.1

Timeline