CVE-2021-4021

HIGH

Radare2 <5.6.2-5.5.4 - DoS

Title source: llm

Description

A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS.

References (1)

[Exploit, Issue Tracking, Third Party Advisory] https://github.com/radareorg/radare2/issues/19436

Scores

CVSS v3 7.5

EPSS 0.0044

EPSS Percentile 63.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-400 CWE-834

Status published

Products (1)

radare/radare2 < 5.5.0

Published Feb 24, 2022

Tracked Since Feb 18, 2026