Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2019-12829

radare2 through 3.5.1 mishandles the RParse API, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, as demonstrated by newstr buffer overflows during replace operations. This affects libr/asm/asm.c and libr/parse/parse.c.

Related bugs and status

CVE-2019-12829 (Candidate) is related to these bugs:

Bug #1882889: Update vulnerable radare2 on 16.04, 18.04, 19.10

Summary				In	Importance	Status
	1882889	Update vulnerable radare2 on 16.04, 18.04, 19.10		radare2 (Ubuntu)	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/rad...