Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 651578 - dev-util/radare2: Multiple vulnerabilities
Summary: dev-util/radare2: Multiple vulnerabilities
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL:
Whiteboard: ~3 [noglsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2018-03-26 13:35 UTC by GLSAMaker/CVETool Bot
Modified: 2018-06-22 03:19 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2018-03-26 13:35:16 UTC
CVE-2018-8810 (https://nvd.nist.gov/vuln/detail/CVE-2018-8810):
  In radare2 2.4.0, there is a heap-based buffer over-read in the
  get_ivar_list_t function of mach0_classes.c. Remote attackers could leverage
  this vulnerability to cause a denial of service via a crafted Mach-O file.

CVE-2018-8809 (https://nvd.nist.gov/vuln/detail/CVE-2018-8809):
  In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op
  function of anal_dalvik.c. Remote attackers could leverage this
  vulnerability to cause a denial of service via a crafted dex file.

CVE-2018-8808 (https://nvd.nist.gov/vuln/detail/CVE-2018-8808):
  In radare2 2.4.0, there is a heap-based buffer over-read in the
  r_asm_disassemble function of asm.c. Remote attackers could leverage this
  vulnerability to cause a denial of service via a crafted dex file.
Comment 1 Sergei Trofimovich gentoo-dev 2018-03-27 22:44:52 UTC
Those are fixed upstream as:
- https://github.com/radare/radare2/issues/9725
- https://github.com/radare/radare2/issues/9726
- https://github.com/radare/radare2/issues/9727

Only 2 of 3 patches apply as-is on 2.4.0. Let's give upstream some time (up to this weekend) to cut release before investing time in backporting.
Comment 2 Larry the Git Cow gentoo-dev 2018-04-10 06:38:04 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=66b305975cdb7550b4111882dcae37d24ad297ca

commit 66b305975cdb7550b4111882dcae37d24ad297ca
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2018-04-10 06:37:11 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-04-10 06:37:48 +0000

    dev-util/radare2: drop old
    
    Bug: https://bugs.gentoo.org/651578
    Bug: https://bugs.gentoo.org/636184
    Bug: https://bugs.gentoo.org/637454
    Package-Manager: Portage-2.3.28, Repoman-2.3.9

 dev-util/radare2/Manifest                |  4 --
 dev-util/radare2/radare2-2.1.0-r1.ebuild | 63 --------------------------------
 dev-util/radare2/radare2-2.1.0-r2.ebuild | 56 ----------------------------
 dev-util/radare2/radare2-2.1.0.ebuild    | 59 ------------------------------
 dev-util/radare2/radare2-2.2.0.ebuild    | 56 ----------------------------
 dev-util/radare2/radare2-2.3.0.ebuild    | 56 ----------------------------
 dev-util/radare2/radare2-2.4.0.ebuild    | 56 ----------------------------
 7 files changed, 350 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=40f69da3a82363c3220215da8a91c9740d7f7071

commit 40f69da3a82363c3220215da8a91c9740d7f7071
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2018-04-10 06:35:34 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-04-10 06:37:47 +0000

    dev-util/radare2: bump up to 2.5.0
    
    Bug: https://bugs.gentoo.org/651578
    Package-Manager: Portage-2.3.28, Repoman-2.3.9

 dev-util/radare2/Manifest             |  1 +
 dev-util/radare2/radare2-2.5.0.ebuild | 56 +++++++++++++++++++++++++++++++++++
 2 files changed, 57 insertions(+)}