CVE-2021-32494

CRITICAL

Radare2 - Divide By Zero

Title source: rule

Description

Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow attackers to create malicious inputs that can cause denial of service.

References (2)

[Patch, Vendor Advisory] https://github.com/radareorg/radare2/commit/a07dedb804a82bc01c07072861942dd80c6b6d62

View Patch ZIP pw:eip

[Exploit, Issue Tracking, Patch, Vendor Advisory] https://github.com/radareorg/radare2/issues/18667

Scores

CVSS v3 10.0

EPSS 0.0022

EPSS Percentile 44.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-369

Status published

Products (1)

radare/radare2 5.3.0

Published Jul 07, 2023

Tracked Since Feb 18, 2026