CVE-2022-1240 — Vulnetix

CVE-2022-1240 PUBLISHED CVSS 7.599999904632568 HIGH

Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the `r_str_ncpy` function. Therefore I think it is very likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html).

EPSS 0.24% · 47.2th percentile

Risk Scores

CVSS v3.0

7.599999904632568

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H

EPSS Score

0.24%

47.2th percentile

Affected Products

Vendor	Product	Versions
radareorg	radareorg/radare2	unspecified
radare	radare2	0

Timeline

Apr 6, 2022 CVE Published
Apr 9, 2022 EPSS Score
May 29, 2022 EPSS Score
Jul 20, 2022 EPSS Score
Sep 8, 2022 EPSS Score
Oct 28, 2022 EPSS Score
Dec 18, 2022 EPSS Score
Feb 6, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 17, 2023 EPSS Score
Jul 7, 2023 EPSS Score

References

https://huntr.dev/bounties/e589bd97-4c74-4e79-93b5-0951a281facc url
https://github.com/radareorg/radare2/commit/ca8d8b39f3e34a4fd943270330b80f1148129de4 url
https://nvd.nist.gov/vuln/detail/CVE-2022-1240 advisory

Open in Interactive Console →