Khairul Kasmiran

2 exploits Active since Nov 2017

CVE-2017-16357 WRITEUP HIGH WRITEUP

radare 2.0.1 - Memory Corruption

In radare 2.0.1, a memory corruption vulnerability exists in store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This error is due to improper sh_size validation when allocating memory.

CVSS 7.8

View Code

CVE-2017-16359 WRITEUP MEDIUM WRITEUP

radare 2.0.1 - Buffer Overflow

In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c.

CVSS 5.5

View Code