{
  "schema_version": "1.6.2",
  "id": "MGASA-2020-0024",
  "published": "2020-01-07T21:19:56Z",
  "modified": "2020-01-07T20:58:31Z",
  "summary": "Updated radare2 packages fix security vulnerabilities",
  "details": "Updated radare2 packages fix security vulnerabilities:\n\nIn radare2 through 3.5.1, there is a heap-based buffer over-read in the\nr_egg_lang_parsechar function of egg_lang.c. This allows remote attackers\nto cause a denial of service (application crash) or possibly have\nunspecified other impact because of missing length validation in\nlibr/egg/egg.c (CVE-2019-12790).\n\nIn radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lang.c\nmishandles changing context. This allows remote attackers to cause a denial\nof service (application crash) or possibly have unspecified other impact\n(invalid memory access in r_egg_lang_parsechar; invalid free in rcc_pusharg)\n(CVE-2019-12802).\n\nIn radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a double\nfree for the ms command (CVE-2019-12865).\n\nBy using a crafted executable file, it's possible to execute arbitrary\nshell commands with the permissions of the victim. This vulnerability is\ndue to improper handling of symbol names embedded in executables\n(CVE-2019-14745).\n\nThe radare2 package has been updated to version 3.9.0, fixing these issues\nand other bugs.\n\nAlso, the radare2-cutter package has been updated to version 1.9.0.\n",
  "related": [
    "CVE-2019-12790",
    "CVE-2019-12802",
    "CVE-2019-12865",
    "CVE-2019-14745"
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2020-0024.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=25933"
    },
    {
      "type": "REPORT",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ED2UIZ5J7YYFFA2MPSMJ543U3DPEREVZ/"
    },
    {
      "type": "REPORT",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IEXZWAMVKGZKHALV4IVWQS2ORJKRH57U/"
    },
    {
      "type": "REPORT",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RQO7V37RGQEKZDLY2JYKDZTLNN2YUBC5/"
    },
    {
      "type": "REPORT",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PXQ6KYP4UMNSCJYHFT4TBIXLR2325SNS/"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:7",
        "name": "radare2",
        "purl": "pkg:rpm/mageia/radare2?arch=source&distro=mageia-7"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.9.0-1.mga7"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:7",
        "name": "radare2-cutter",
        "purl": "pkg:rpm/mageia/radare2-cutter?arch=source&distro=mageia-7"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.9.0-1.1.mga7"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}