
Bug 651578

Summary: dev-util/radare2: Multiple vulnerabilities
Product: Gentoo Security Reporter: GLSAMaker/CVETool Bot <glsamaker>
Component: Vulnerabilities Assignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: davidroman96, slyfox
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: ~3 [noglsa cve]
Package list:
Runtime testing required: ---

Description GLSAMaker/CVETool Bot gentoo-dev 2018-03-26 13:35:16 UTC
CVE-2018-8810 (https://nvd.nist.gov/vuln/detail/CVE-2018-8810):
  In radare2 2.4.0, there is a heap-based buffer over-read in the
  get_ivar_list_t function of mach0_classes.c. Remote attackers could leverage
  this vulnerability to cause a denial of service via a crafted Mach-O file.

CVE-2018-8809 (https://nvd.nist.gov/vuln/detail/CVE-2018-8809):
  In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op
  function of anal_dalvik.c. Remote attackers could leverage this
  vulnerability to cause a denial of service via a crafted dex file.

CVE-2018-8808 (https://nvd.nist.gov/vuln/detail/CVE-2018-8808):
  In radare2 2.4.0, there is a heap-based buffer over-read in the
  r_asm_disassemble function of asm.c. Remote attackers could leverage this
  vulnerability to cause a denial of service via a crafted dex file.

Comment 1 Sergei Trofimovich (RETIRED) gentoo-dev 2018-03-27 22:44:52 UTC
Those are fixed upstream as:
- https://github.com/radare/radare2/issues/9725
- https://github.com/radare/radare2/issues/9726
- https://github.com/radare/radare2/issues/9727

Only 2 of 3 patches apply as-is on 2.4.0. Let's give upstream some time (up to this weekend) to cut a release before investing time in backporting.

Comment 2 Larry the Git Cow gentoo-dev 2018-04-10 06:38:04 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=66b305975cdb7550b4111882dcae37d24ad297ca

commit 66b305975cdb7550b4111882dcae37d24ad297ca
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2018-04-10 06:37:11 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-04-10 06:37:48 +0000

    dev-util/radare2: drop old
    
    Bug: https://bugs.gentoo.org/651578
    Bug: https://bugs.gentoo.org/636184
    Bug: https://bugs.gentoo.org/637454
    Package-Manager: Portage-2.3.28, Repoman-2.3.9

 dev-util/radare2/Manifest                |  4 --
 dev-util/radare2/radare2-2.1.0-r1.ebuild | 63 --------------------------------
 dev-util/radare2/radare2-2.1.0-r2.ebuild | 56 ----------------------------
 dev-util/radare2/radare2-2.1.0.ebuild    | 59 ------------------------------
 dev-util/radare2/radare2-2.2.0.ebuild    | 56 ----------------------------
 dev-util/radare2/radare2-2.3.0.ebuild    | 56 ----------------------------
 dev-util/radare2/radare2-2.4.0.ebuild    | 56 ----------------------------
 7 files changed, 350 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=40f69da3a82363c3220215da8a91c9740d7f7071

commit 40f69da3a82363c3220215da8a91c9740d7f7071
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2018-04-10 06:35:34 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-04-10 06:37:47 +0000

    dev-util/radare2: bump up to 2.5.0
    
    Bug: https://bugs.gentoo.org/651578
    Package-Manager: Portage-2.3.28, Repoman-2.3.9

 dev-util/radare2/Manifest             |  1 +
 dev-util/radare2/radare2-2.5.0.ebuild | 56 +++++++++++++++++++++++++++++++++++
 2 files changed, 57 insertions(+)