Advisories » MGASA-2022-0440

Updated radare2/rizin packages fix security vulnerability

Publication date: 27 Nov 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-3673 , CVE-2021-4021 , CVE-2021-32613 , CVE-2021-44974 , CVE-2021-44975 , CVE-2022-0173 , CVE-2022-0419 , CVE-2022-0476 , CVE-2022-0518 , CVE-2022-0519 , CVE-2022-0520 , CVE-2022-0521 , CVE-2022-0522 , CVE-2022-0523 , CVE-2022-0559 , CVE-2022-0676 , CVE-2022-0695 , CVE-2022-0712 , CVE-2022-0713

Description

In radare2 through 5.3.0 there is a double free vulnerability in the pyc
parse via a crafted file which can lead to DoS. (CVE-2021-32613)

A vulnerability was found in Radare2 in version 5.3.1. Improper input
validation when reading a crafted LE binary can lead to resource
exhaustion and DoS. (CVE-2021-3673)

A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0,
5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64
binary for MIPS architecture can lead to uncontrolled resource consumption
and DoS. (CVE-2021-4021)

radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference
via libr/bin/p/bin_symbols.c binary symbol parser. (CVE-2021-44974)

radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via
/libr/core/anal_objc.c mach-o parser. (CVE-2021-44975)

radare2 is vulnerable to Out-of-bounds Read. (CVE-2022-0173)

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to
5.6.0. (CVE-2022-0419)

Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.
(CVE-2022-0476)

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to
5.6.2. (CVE-2022-0518)

Buffer Access with Incorrect Length Value in GitHub repository
radareorg/radare2 prior to 5.6.2. (CVE-2022-0519)

Use After Free in NPM radare2.js prior to 5.6.2. (CVE-2022-0520)

Access of Memory Location After End of Buffer in GitHub repository
radareorg/radare2 prior to 5.6.2. (CVE-2022-0521)

Access of Memory Location Before Start of Buffer in NPM radare2.js prior
to 5.6.2. (CVE-2022-0522)

Expired Pointer Dereference in GitHub repository radareorg/radare2 prior
to 5.6.2. (CVE-2022-0523)

Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2.
(CVE-2022-0559)

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to
5.6.4. (CVE-2022-0676)

Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4.
(CVE-2022-0695)

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to
5.6.4. (CVE-2022-0712)

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to
5.6.4. (CVE-2022-0713)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=29163
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/V2UL4V4XKSFJVNNUMFV443UJXGDBYGS4/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JIARALLVVY2362AYFSFULTZKIW6QO5R5/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IQIRJ72UALGMSWH6MYPVJQQLXFGZ23RS/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/
• https://www.openwall.com/lists/oss-security/2022/05/25/1
• https://census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3673
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4021
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32613
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44974
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44975
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0173
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0419
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0476
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0518
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0519
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0520
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0521
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0522
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0523
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0559
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0676
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0695
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0712
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0713

SRPMS

8/core

• radare2-5.6.4-1.mga8
• radare2-cutter-2.0.4-2.mga8
• rizin-0.3.1-1.mga8