ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2022.0440
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2022-0440)
Resumen:	The remote host is missing an update for the 'radare2, radare2-cutter, rizin' package(s) announced via the MGASA-2022-0440 advisory.
Descripción:	Summary: The remote host is missing an update for the 'radare2, radare2-cutter, rizin' package(s) announced via the MGASA-2022-0440 advisory. Vulnerability Insight: In radare2 through 5.3.0 there is a double free vulnerability in the pyc parse via a crafted file which can lead to DoS. (CVE-2021-32613) A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource exhaustion and DoS. (CVE-2021-3673) A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS. (CVE-2021-4021) radareorg radare2 version 5.5.2 is vulnerable to NULL Pointer Dereference via libr/bin/p/bin_symbols.c binary symbol parser. (CVE-2021-44974) radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/core/anal_objc.c mach-o parser. (CVE-2021-44975) radare2 is vulnerable to Out-of-bounds Read. (CVE-2022-0173) NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.0. (CVE-2022-0419) Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. (CVE-2022-0476) Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.2. (CVE-2022-0518) Buffer Access with Incorrect Length Value in GitHub repository radareorg/radare2 prior to 5.6.2. (CVE-2022-0519) Use After Free in NPM radare2.js prior to 5.6.2. (CVE-2022-0520) Access of Memory Location After End of Buffer in GitHub repository radareorg/radare2 prior to 5.6.2. (CVE-2022-0521) Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2. (CVE-2022-0522) Expired Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.2. (CVE-2022-0523) Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. (CVE-2022-0559) Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. (CVE-2022-0676) Denial of Service in GitHub repository radareorg/radare2 prior to 5.6.4. (CVE-2022-0695) NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.4. (CVE-2022-0712) Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4. (CVE-2022-0713) Affected Software/OS: 'radare2, radare2-cutter, rizin' package(s) on Mageia 8. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2021-32613 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3S7JB46PONPHXZHIMR2XDPLGJCN5ZIX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W3LPB5VGCIA7WA55FSB3YZQFUGZKWD7O/ https://github.com/radareorg/radare2/commit/5e16e2d1c9fe245e4c17005d779fde91ec0b9c05 https://github.com/radareorg/radare2/commit/a07dedb804a82bc01c07072861942dd80c6b6d62 https://github.com/radareorg/radare2/issues/18666 https://github.com/radareorg/radare2/issues/18667 https://bugzilla.redhat.com/show_bug.cgi?id=1959939 https://github.com/radareorg/radare2/issues/18679 Common Vulnerability Exposure (CVE) ID: CVE-2021-3673 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NFQPEPMLAOQNGZG5OHSPZBNONGG4DDJO/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JIARALLVVY2362AYFSFULTZKIW6QO5R5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XGOU2EFE7YK2YDRNFV6QFUWW2SL2GGQA/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQIRJ72UALGMSWH6MYPVJQQLXFGZ23RS/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SKGIB52R4XPCPNEW6GF56EHW7ST24IJU/ https://bugzilla.redhat.com/show_bug.cgi?id=1989130 Common Vulnerability Exposure (CVE) ID: CVE-2021-4021 https://github.com/radareorg/radare2/issues/19436 Common Vulnerability Exposure (CVE) ID: CVE-2021-44974 https://census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2/ https://github.com/radareorg/radare2/issues/19478 http://www.openwall.com/lists/oss-security/2022/05/25/1 Common Vulnerability Exposure (CVE) ID: CVE-2021-44975 https://github.com/radareorg/radare2/issues/19476 Common Vulnerability Exposure (CVE) ID: CVE-2022-0173 https://huntr.dev/bounties/727d8600-88bc-4dde-8dea-ee3d192600e5 https://github.com/radareorg/radare2/commit/37897226a1a31f982bfefdc4aeefc2e50355c73c Common Vulnerability Exposure (CVE) ID: CVE-2022-0419 https://huntr.dev/bounties/1f84e79d-70e7-4b29-8b48-a108f81c89aa https://github.com/radareorg/radare2/commit/feaa4e7f7399c51ee6f52deb84dc3f795b4035d6 Common Vulnerability Exposure (CVE) ID: CVE-2022-0476 https://huntr.dev/bounties/81ddfbda-6c9f-4b69-83ff-85b15141e35d https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E6YBRQ3UCFWJVSOYIKPVUDASZ544TFND/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BZTIMAS53YT66FUS4QHQAFRJOBMUFG6D/ https://github.com/radareorg/radare2/commit/27fe8031782d3a06c3998eaa94354867864f9f1b Common Vulnerability Exposure (CVE) ID: CVE-2022-0518 https://huntr.dev/bounties/10051adf-7ddc-4042-8fd0-8e9e0c5b1184 https://github.com/radareorg/radare2/commit/9650e3c352f675687bf6c6f65ff2c4a3d0e288fa Common Vulnerability Exposure (CVE) ID: CVE-2022-0519 https://huntr.dev/bounties/af85b9e1-d1cf-4c0e-ba12-525b82b7c1e3 https://github.com/radareorg/radare2/commit/6c4428f018d385fc80a33ecddcb37becea685dd5 Common Vulnerability Exposure (CVE) ID: CVE-2022-0520 https://huntr.dev/bounties/ce13c371-e5ef-4993-97f3-3d33dcd943a6 https://github.com/radareorg/radare2/commit/8525ad0b9fd596f4b251bb3d7b114e6dc7ce1ee8 Common Vulnerability Exposure (CVE) ID: CVE-2022-0521 https://huntr.dev/bounties/4d436311-bbf1-45a3-8774-bdb666d7f7ca Common Vulnerability Exposure (CVE) ID: CVE-2022-0522 https://huntr.dev/bounties/2d45e589-d614-4875-bba1-be0f729e7ca9 https://github.com/radareorg/radare2/commit/d17a7bdf166108a29a27cd89bf454f9fa6c050d6 Common Vulnerability Exposure (CVE) ID: CVE-2022-0523 https://huntr.dev/bounties/9d8d6ae0-fe00-40b9-ae1e-b0e8103bac69 https://github.com/radareorg/radare2/commit/35482cb760db10f87a62569e2f8872dbd95e9269 Common Vulnerability Exposure (CVE) ID: CVE-2022-0559 https://huntr.dev/bounties/aa80adb7-e900-44a5-ad05-91f3ccdfc81e https://github.com/radareorg/radare2/commit/b5cb90b28ec71fda3504da04e3cc94a362807f5e Common Vulnerability Exposure (CVE) ID: CVE-2022-0676 https://huntr.dev/bounties/5ad814a1-5dd3-43f4-869b-33b8dab78485 https://github.com/radareorg/radare2/commit/c84b7232626badd075caf3ae29661b609164bac6 Common Vulnerability Exposure (CVE) ID: CVE-2022-0695 https://huntr.dev/bounties/bdbddc0e-fb06-4211-a90b-7cbedcee2bea https://github.com/radareorg/radare2/commit/634b886e84a5c568d243e744becc6b3223e089cf Common Vulnerability Exposure (CVE) ID: CVE-2022-0712 https://huntr.dev/bounties/1e572820-e502-49d1-af0e-81833e2eb466 https://github.com/radareorg/radare2/commit/515e592b9bea0612bc63d8e93239ff35bcf645c7 Common Vulnerability Exposure (CVE) ID: CVE-2022-0713 https://huntr.dev/bounties/d35b3dff-768d-4a09-a742-c18ca8f56d3c https://github.com/radareorg/radare2/commit/a35f89f86ed12161af09330e92e5a213014e46a1
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.