Advisories » MGASA-2024-0298

Updated radare2 packages fix security vulnerability

Publication date: 13 Sep 2024
Modification date: 13 Sep 2024
Type: security
Affected Mageia releases : 9
CVE: CVE-2023-47016

Description

radare2  has an out-of-bounds read in r_bin_object_set_items in
libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian
                

References

• https://bugs.mageia.org/show_bug.cgi?id=33534
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZIWVQC4JNA2JCJ7L3XNZBGYJ52KSQWKC/
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-47016

SRPMS

9/core

• radare2-5.8.8-1.2.mga9