VDB-99250 · CVE-2017-6194 · BID 97299

radare2 1.2.1 libr/bin/p/bin_bflt.c relocs Binary File memory corruption

A vulnerability was found in radare2 1.2.1 and has been declared critical. It affects the function relocs in the file libr/bin/p/bin_bflt.c. Manipulation of a binary file given as input leads to memory corruption, which CWE classifies as CWE-119. The bug was discovered on 02/22/2017. The weakness was published on 04/03/2017 as commit 72794dc3523bbd5bb370de3c5857cb736c387e18 (GitHub Repository), and the advisory is available at github.com. The vulnerability is tracked as CVE-2017-6194. The attack needs to be approached locally. Technical details are available. There is no exploit available. The structure of the vulnerability defines a possible price range of USD $0-$5k at the moment. It is declared as not defined. The vulnerability was handled as a non-public zero-day exploit for at least 40 days. As a 0-day, the estimated underground price was around $0-$5k. The bugfix is ready for download at github.com. A possible mitigation was published before the disclosure of the vulnerability. The vulnerability is also documented in other vulnerability databases: SecurityFocus (BID 97299).

| Field | 04/03/2017 04:59 PM | 08/25/2020 12:49 PM | 11/24/2022 06:35 PM |
| --- | --- | --- | --- |
| type | Programming Tool Software | Programming Tool Software | Programming Tool Software |
| name | radare2 | radare2 | radare2 |
| version | 1.2.1 | 1.2.1 | 1.2.1 |
| file | libr/bin/p/bin_bflt.c | libr/bin/p/bin_bflt.c | libr/bin/p/bin_bflt.c |
| function | relocs | relocs | relocs |
| input_type | Binary File | Binary File | Binary File |
| cwe | 119 (memory corruption) | 119 (memory corruption) | 119 (memory corruption) |
| risk | 2 | 2 | 2 |
| cvss2_vuldb_basescore | 6.8 | 6.8 | 6.8 |
| cvss2_vuldb_tempscore | 6.1 | 6.1 | 6.1 |
| cvss2_vuldb_av | N | N | N |
| cvss2_vuldb_ac | M | M | M |
| cvss2_vuldb_au | N | N | N |
| cvss2_vuldb_ci | P | P | P |
| cvss2_vuldb_ii | P | P | P |
| cvss2_vuldb_ai | P | P | P |
| cvss2_nvd_av | N | N | N |
| cvss2_nvd_ac | M | M | M |
| cvss2_nvd_au | N | N | N |
| cvss2_nvd_ci | P | P | P |
| cvss2_nvd_ii | P | P | P |
| cvss2_nvd_ai | P | P | P |
| cvss3_meta_basescore | 6.5 | 6.5 | 6.5 |
| cvss3_meta_tempscore | 6.0 | 6.0 | 6.3 |
| cvss3_vuldb_basescore | 5.3 | 5.3 | 5.3 |
| cvss3_vuldb_tempscore | 4.9 | 4.9 | 4.9 |
| cvss3_vuldb_av | L | L | L |
| cvss3_vuldb_ac | L | L | L |
| cvss3_vuldb_pr | N | N | N |
| cvss3_vuldb_ui | R | R | R |
| cvss3_vuldb_s | U | U | U |
| cvss3_vuldb_c | L | L | L |
| cvss3_vuldb_i | L | L | L |
| cvss3_vuldb_a | L | L | L |
| cvss3_nvd_av | L | L | L |
| cvss3_nvd_ac | L | L | L |
| cvss3_nvd_pr | N | N | N |
| cvss3_nvd_ui | R | R | R |
| cvss3_nvd_s | U | U | U |
| cvss3_nvd_c | H | H | H |
| cvss3_nvd_i | H | H | H |
| cvss3_nvd_a | H | H | H |
| date | 1491177600 (04/03/2017) | 1491177600 (04/03/2017) | 1491177600 (04/03/2017) |
| location | GitHub Repository | GitHub Repository | GitHub Repository |
| url | https://github.com/radare/radare2/commit/72794dc3523bbd5bb370de3c5857cb736c387e18 | https://github.com/radare/radare2/commit/72794dc3523bbd5bb370de3c5857cb736c387e18 | https://github.com/radare/radare2/commit/72794dc3523bbd5bb370de3c5857cb736c387e18 |
| price_0day | $0-$5k | $0-$5k | $0-$5k |
| cve | CVE-2017-6194 | CVE-2017-6194 | CVE-2017-6194 |
| cve_assigned | 1487721600 (02/22/2017) | 1487721600 (02/22/2017) | 1487721600 (02/22/2017) |
| cve_nvd_published | 1491177600 | 1491177600 | 1491177600 |
| cve_nvd_summary | The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file. | The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file. | The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file. |
| securityfocus | 97299 | 97299 | 97299 |
| securityfocus_title | radare2 'libr/bin/p/bin_bflt.c' Remote Heap Buffer Overflow Vulnerability | radare2 'libr/bin/p/bin_bflt.c' Remote Heap Buffer Overflow Vulnerability | radare2 'libr/bin/p/bin_bflt.c' Remote Heap Buffer Overflow Vulnerability |
| seealso | 99252 | 99252 | 99252 |
| cvss2_vuldb_e | ND | ND | ND |
| cvss2_vuldb_rl | ND | ND | ND |
| cvss2_vuldb_rc | UC | UC | UC |
| cvss3_vuldb_e | X | X | X |
| cvss3_vuldb_rl | X | X | X |
| cvss3_vuldb_rc | U | U | U |
| 0day_days | 40 | 40 | 40 |
| cvss3_nvd_basescore | 7.8 | 7.8 | 7.8 |
| discoverydate | | 1487721600 | 1487721600 |
| confirm_url | | https://github.com/radare/radare2/commit/72794dc3523bbd5bb370de3c5857cb736c387e18 | https://github.com/radare/radare2/commit/72794dc3523bbd5bb370de3c5857cb736c387e18 |
| osvdb_title | | CVE-2017-6194 - radare2 - Buffer Overflow Issue | CVE-2017-6194 - radare2 - Buffer Overflow Issue |
| securityfocus_date | | 1491177600 (04/03/2017) | 1491177600 (04/03/2017) |
| securityfocus_class | | Failure to Handle Exceptional Conditions | Failure to Handle Exceptional Conditions |
| identifier | | | 72794dc3523bbd5bb370de3c5857cb736c387e18 |
| patch_url | | | https://github.com/radare/radare2/commit/72794dc3523bbd5bb370de3c5857cb736c387e18 |
| cvss2_nvd_basescore | | | 6.8 |
