Description
Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary.
References (2)
Core 2
Core References
Exploit, Patch, Third Party Advisory x_refsource_confirm
https://huntr.dev/bounties/7b979e76-ae54-4132-b455-0833e45195eb
Patch, Third Party Advisory x_refsource_misc
https://github.com/radareorg/radare2/commit/605785b65dd356d46d4487faa41dbf90943b8bc1
Scores
CVSS v3
6.6
EPSS
0.0011
EPSS Percentile
28.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
Details
CWE
CWE-125
Status
published
Products (1)
radare/radare2
< 5.6.8
Published
Apr 01, 2022
Tracked Since
Feb 18, 2026