Denial of Service Vulnerability in radare2 by radareorg
CVE-2024-48241

5.5MEDIUM

Key Information:

Vendor: radareorg
Status: radare2
Vendor: CVE Published:; 30 October 2024

What is CVE-2024-48241?

A vulnerability in radare2 from version 5.8.0 through 5.9.4 allows a local attacker to trigger a denial of service condition. This is achieved through a flaw in the __bf_div function, potentially leading to unexpected application behavior and service disruption. Users of affected versions are urged to assess their exposure and consider updating to the latest version as a mitigating measure.

References

https://github.com/radareorg/radare2/issues/23317

https://github.com/radareorg/radare2/pull/23318

https://github.com/St-Andrews-Bug-Busters/Vuln_info/blob/...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 30, 2024
Vulnerability Reserved
Oct 8, 2024

CVE-2024-48241 Data

JSON