SB2018032007 - Multiple vulnerabilities in Radare radare2

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Out-of-bounds read (CVE-ID: CVE-2018-8808)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file. A remote attacker can perform a denial of service attack.

2) Out-of-bounds read (CVE-ID: CVE-2018-8809)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in the dalvik_op function of anal_dalvik.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file. A remote attacker can perform a denial of service attack.

3) Out-of-bounds read (CVE-ID: CVE-2018-8810)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to heap-based buffer over-read in the get_ivar_list_t function of mach0_classes.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted Mach-O file. A remote attacker can perform a denial of service attack.

Remediation

Install update from vendor's website.

References

• https://github.com/radare/radare2/issues/9725
• https://github.com/radare/radare2/issues/9726
• https://github.com/radare/radare2/issues/9727