CVE-2018-11384 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Denial of service |
| Description | The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-709 | radare2 | 2.5.0-1 | 2.6.0-1 | High | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 05 Jun 2018 | ASA-201806-2 | AVG-709 | radare2 | High | multiple issues |
| References |
|---|
https://github.com/radare/radare2/commit/77c47cf873dd55b396da60baa2ca83bbd39e4add https://github.com/radare/radare2/issues/9903 |