Description
In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c.
References (4)
Core 4
Core References
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://github.com/radare/radare2/commit/62e39f34b2705131a2d08aff0c2e542c6a52cf0e
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://github.com/radare/radare2/commit/d21e91f075a7a7a8ed23baa5c1bb1fac48313882
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://github.com/radare/radare2/commit/fbaf24bce7ea4211e4608b3ab6c1b45702cb243d
Exploit, Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://github.com/radare/radare2/issues/8764
Scores
CVSS v3
5.5
EPSS
0.0019
EPSS Percentile
40.9%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-476
Status
published
Products (1)
radare/radare2
2.0.1
Published
Nov 01, 2017
Tracked Since
Feb 18, 2026