Vulnerability Description
In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c.
CVSS Score
5.5
MEDIUM
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Radare | Radare2 | 2.0.1 |
Related Weaknesses (CWE)
References
- https://github.com/radare/radare2/commit/62e39f34b2705131a2d08aff0c2e542c6a52cf0Issue TrackingPatchThird Party Advisory
- https://github.com/radare/radare2/commit/d21e91f075a7a7a8ed23baa5c1bb1fac4831388Issue TrackingPatchThird Party Advisory
- https://github.com/radare/radare2/commit/fbaf24bce7ea4211e4608b3ab6c1b45702cb243Issue TrackingPatchThird Party Advisory
- https://github.com/radare/radare2/issues/8764ExploitIssue TrackingPatch
- https://github.com/radare/radare2/commit/62e39f34b2705131a2d08aff0c2e542c6a52cf0Issue TrackingPatchThird Party Advisory
- https://github.com/radare/radare2/commit/d21e91f075a7a7a8ed23baa5c1bb1fac4831388Issue TrackingPatchThird Party Advisory
- https://github.com/radare/radare2/commit/fbaf24bce7ea4211e4608b3ab6c1b45702cb243Issue TrackingPatchThird Party Advisory
- https://github.com/radare/radare2/issues/8764ExploitIssue TrackingPatch
FAQ
What is CVE-2017-16359?
CVE-2017-16359 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c.
How severe is CVE-2017-16359?
CVE-2017-16359 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-16359?
Check the references section above for vendor advisories and patch information. Affected products include: Radare Radare2.