CVE-2020-27794

CRITICAL

Radare2 < 4.4.0 - Double Free

Title source: rule

Description

A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash.

References (2)

[Exploit, Issue Tracking, Patch, Third Party Advisory] https://github.com/radareorg/radare2/issues/16303

[Patch, Third Party Advisory] https://github.com/radareorg/radare2/commit/cb8b683758edddae2d2f62e8e63a738c39f92683

View Patch ZIP pw:eip

Scores

CVSS v3 9.1

EPSS 0.0040

EPSS Percentile 60.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Details

CWE

CWE-415

Status published

Products (1)

radare/radare2 < 4.4.0

Published Aug 19, 2022

Tracked Since Feb 18, 2026