CVE-2017-16359 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16359):

In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c.

References:
https://github.com/radare/radare2/commit/62e39f34b2705131a2d08aff0c2e542c6a52cf0e
https://github.com/radare/radare2/commit/d21e91f075a7a7a8ed23baa5c1bb1fac48313882
https://github.com/radare/radare2/commit/fbaf24bce7ea4211e4608b3ab6c1b45702cb243d
https://github.com/radare/radare2/issues/8764

CVE-2017-16358 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16358):

In radare 2.0.1, an out-of-bounds read vulnerability exists in string_scan_range() in libr/bin/bin.c when doing a string search.

References:
https://github.com/radare/radare2/commit/d31c4d3cbdbe01ea3ded16a584de94149ecd31d9
https://github.com/radare/radare2/issues/8748

CVE-2017-16357 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16357):

In radare 2.0.1, a memory corruption vulnerability exists in store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed() in libr/bin/format/elf/elf.c, as demonstrated by an invalid free. This error is due to improper sh_size validation when allocating memory.

References:
https://github.com/radare/radare2/commit/0b973e28166636e0ff1fad80baa0385c9c09c53a
https://github.com/radare/radare2/issues/8742

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2869d5ce2b00c252852cece926192b8a6fe879d5

commit 2869d5ce2b00c252852cece926192b8a6fe879d5
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2017-11-27 22:55:35 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2017-11-27 22:55:46 +0000

    dev-util/radare2: drop old

    Reported-by: Daj' Uan (Jmbailey)
    Reported-by: Aleksandr Wagner (Kivak)
    Bug: https://bugs.gentoo.org/636184
    Bug: https://bugs.gentoo.org/637454
    Package-Manager: Portage-2.3.16, Repoman-2.3.6

 dev-util/radare2/Manifest                          |  1 -
 .../radare2/files/radare2-2.0.1-635618-p1.patch    | 29 -----------
 .../radare2/files/radare2-2.0.1-635618-p2.patch    | 30 -----------
 dev-util/radare2/radare2-2.0.1-r1.ebuild           | 58 ----------------------
 4 files changed, 118 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f317b21403367e54ad982d541cd85aa62a633753

commit f317b21403367e54ad982d541cd85aa62a633753
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2017-11-27 22:54:35 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2017-11-27 22:55:46 +0000

    dev-util/radare2: bump up to 2.1.0

    Reported-by: Daj' Uan (Jmbailey)
    Reported-by: Aleksandr Wagner (Kivak)
    Bug: https://bugs.gentoo.org/636184
    Bug: https://bugs.gentoo.org/637454
    Package-Manager: Portage-2.3.16, Repoman-2.3.6

 dev-util/radare2/Manifest             |  3 +-
 dev-util/radare2/radare2-2.1.0.ebuild | 56 +++++++++++++++++++++++++++++++++++
 2 files changed, 58 insertions(+), 1 deletion(-)

The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=66b305975cdb7550b4111882dcae37d24ad297ca

commit 66b305975cdb7550b4111882dcae37d24ad297ca
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2018-04-10 06:37:11 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2018-04-10 06:37:48 +0000

    dev-util/radare2: drop old

    Bug: https://bugs.gentoo.org/651578
    Bug: https://bugs.gentoo.org/636184
    Bug: https://bugs.gentoo.org/637454
    Package-Manager: Portage-2.3.28, Repoman-2.3.9

 dev-util/radare2/Manifest                |  4 --
 dev-util/radare2/radare2-2.1.0-r1.ebuild | 63 --------------------------------
 dev-util/radare2/radare2-2.1.0-r2.ebuild | 56 ----------------------------
 dev-util/radare2/radare2-2.1.0.ebuild    | 59 ------------------------------
 dev-util/radare2/radare2-2.2.0.ebuild    | 56 ----------------------------
 dev-util/radare2/radare2-2.3.0.ebuild    | 56 ----------------------------
 dev-util/radare2/radare2-2.4.0.ebuild    | 56 ----------------------------
 7 files changed, 350 deletions(-)