Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2018-8810

In radare2 2.4.0, there is a heap-based buffer over-read in the get_ivar_list_t function of mach0_classes.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted Mach-O file.

Related bugs and status

CVE-2018-8810 (Candidate) is related to these bugs:

Bug #1882889: Update vulnerable radare2 on 16.04, 18.04, 19.10

Summary				In	Importance	Status
	1882889	Update vulnerable radare2 on 16.04, 18.04, 19.10		radare2 (Ubuntu)	Undecided	Confirmed

See the

CVE page on Mitre.org for more details.

References

MISC: https://github.com/rad...