Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 733368 (CVE-2020-15121) - <dev-util/radare2-4.5.0: Command injection vulnerability (CVE-2020-15121)
Summary: <dev-util/radare2-4.5.0: Command injection vulnerability (CVE-2020-15121)
Status: RESOLVED FIXED
Alias: CVE-2020-15121
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL: https://github.com/radareorg/radare2/...
Whiteboard: ~1 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-07-20 20:36 UTC by John Helmert III
Modified: 2020-07-20 21:38 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III gentoo-dev Security 2020-07-20 20:36:05 UTC
CVE-2020-15121:

In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current directory.



Maintainers, please cleanup.
Comment 1 Larry the Git Cow gentoo-dev 2020-07-20 21:31:21 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f8b1eb856f923a61e2d1c5bf1f12145e89232c5c

commit f8b1eb856f923a61e2d1c5bf1f12145e89232c5c
Author:     Sergei Trofimovich <slyfox@gentoo.org>
AuthorDate: 2020-07-20 21:30:44 +0000
Commit:     Sergei Trofimovich <slyfox@gentoo.org>
CommitDate: 2020-07-20 21:31:10 +0000

    dev-util/radare2: drop old <4.5.0 versions
    
    Bug: https://bugs.gentoo.org/733368
    Package-Manager: Portage-3.0.0, Repoman-2.3.23
    Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>

 dev-util/radare2/Manifest                         |  1 -
 dev-util/radare2/files/radare2-4.4.0-AR.patch     | 25 ---------
 dev-util/radare2/files/radare2-4.4.0-RANLIB.patch | 24 ---------
 dev-util/radare2/radare2-4.4.0-r1.ebuild          | 65 -----------------------
 4 files changed, 115 deletions(-)
Comment 2 John Helmert III gentoo-dev Security 2020-07-20 21:38:13 UTC
(In reply to Larry the Git Cow from comment #1)
> The bug has been referenced in the following commit(s):
> 
> https://gitweb.gentoo.org/repo/gentoo.git/commit/
> ?id=f8b1eb856f923a61e2d1c5bf1f12145e89232c5c
> 
> commit f8b1eb856f923a61e2d1c5bf1f12145e89232c5c
> Author:     Sergei Trofimovich <slyfox@gentoo.org>
> AuthorDate: 2020-07-20 21:30:44 +0000
> Commit:     Sergei Trofimovich <slyfox@gentoo.org>
> CommitDate: 2020-07-20 21:31:10 +0000
> 
>     dev-util/radare2: drop old <4.5.0 versions
>     
>     Bug: https://bugs.gentoo.org/733368
>     Package-Manager: Portage-3.0.0, Repoman-2.3.23
>     Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
> 
>  dev-util/radare2/Manifest                         |  1 -
>  dev-util/radare2/files/radare2-4.4.0-AR.patch     | 25 ---------
>  dev-util/radare2/files/radare2-4.4.0-RANLIB.patch | 24 ---------
>  dev-util/radare2/radare2-4.4.0-r1.ebuild          | 65
> -----------------------
>  4 files changed, 115 deletions(-)

Thanks. noglsa, all done.