CVE-2017-7854 in radare2
Summary
The consume_init_expr function in wasm.c in radare2 1.3.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Web Assembly file.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Reservation
04/13/2017
Disclosure
04/13/2017
Status
Confirmed
Entries
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerability | CWE | Exp | Cou | CVE |
|---|---|---|---|---|---|
| 99842 | radare2 Web Assembly File wasm.c consume_init_expr memory corruption | 119 | Not defined | Official fix | CVE-2017-7854 |