SB2018060812 - Arch Linux update for radare2
Published: June 8, 2018 Updated: June 8, 2018
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 10 vulnerabilities.
1) Heap-based out-of-bounds read (CVE-ID: CVE-2018-11375)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the _inst__lds() function due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted binary file, trigger heap-based out-of-bounds read and cause the application to crash.
2) Heap-based out-of-bounds read (CVE-ID: CVE-2018-11376)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the r_read_le32() function due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted ELF file, trigger heap-based out-of-bounds read and cause the application to crash.
3) Heap-based out-of-bounds read (CVE-ID: CVE-2018-11377)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the avr_op_analyze() function due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted binary file, trigger heap-based out-of-bounds read and cause the application to crash.
4) Stack-based buffer overflow (CVE-ID: CVE-2018-11378)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the wasm_dis() function in libr/asm/arch/wasm/wasm.c due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted WASM file, trigger stack-based buffer overflow and cause the application to crash.
5) Heap-based out-of-bounds read (CVE-ID: CVE-2018-11379)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the get_debug_info() function due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted PE file, trigger heap-based out-of-bounds read and cause the application to crash.
6) Heap-based out-of-bounds read (CVE-ID: CVE-2018-11380)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the parse_import_ptr() function due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted Mach-O file, trigger heap-based out-of-bounds read and cause the application to crash.
7) Heap-based out-of-bounds read (CVE-ID: CVE-2018-11381)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the string_scan_range() function due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted binary file, trigger heap-based out-of-bounds read and cause the application to crash.
8) Heap-based out-of-bounds read (CVE-ID: CVE-2018-11382)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the _inst__sts() function due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted binary file, trigger heap-based out-of-bounds read and cause the application to crash.
9) Improper input validation (CVE-ID: CVE-2018-11383)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the r_strbuf_fini() function due to an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c. A remote attacker can send a specially crafted ELF file, trigger invalid free and cause the application to crash.
10) Heap-based out-of-bounds read (CVE-ID: CVE-2018-11384)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in the sh_op() function due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted ELF file, trigger heap-based out-of-bounds read and cause the application to crash.
Remediation
Install update from vendor's website.