A vulnerability was found in radare2 2.0.1 on 32-bit (Programming Tool Software). It has been declared as critical. This vulnerability affects the function store_versioninfo_gnu_verdef of the file libr/bin/format/elf/elf.c. The manipulation as part of a Negative Number leads to a out-of-bounds vulnerability. The CWE definition for the vulnerability is CWE-125. The product reads data past the end, or before the beginning, of the intended buffer. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:

In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems.

The bug was discovered 10/26/2017. The weakness was presented 10/27/2017 (GitHub Repository). The advisory is available at github.com. This vulnerability was named CVE-2017-15932 since 10/27/2017. The attack can be initiated remotely. No form of authentication is required for a successful exploitation. Successful exploitation requires user interaction by the victim. Technical details are known, but there is no available exploit.

The vulnerability was handled as a non-public zero-day exploit for at least 1 days. During that time the estimated underground price was around $0-$5k.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

See 108717 for similar entry.

Productinfo

Type

• Programming Tool Software

Name

• radare2

Version

• 2.0.1

License

• open-source

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion