Vulnerability Description
Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html).
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Radare | Radare2 | < 5.6.8 |
Related Weaknesses (CWE)
References
- https://github.com/radareorg/radare2/commit/c40a4f9862104ede15d0ba05ccbf80592307PatchThird Party Advisory
- https://huntr.dev/bounties/47422cdf-aad2-4405-a6a1-6f63a3a93200ExploitThird Party Advisory
- https://github.com/radareorg/radare2/commit/c40a4f9862104ede15d0ba05ccbf80592307PatchThird Party Advisory
- https://huntr.dev/bounties/47422cdf-aad2-4405-a6a1-6f63a3a93200ExploitThird Party Advisory
FAQ
What is CVE-2022-1238?
CVE-2022-1238 is a vulnerability with a CVSS score of 7.8 (HIGH). Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap b...
How severe is CVE-2022-1238?
CVE-2022-1238 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-1238?
Check the references section above for vendor advisories and patch information. Affected products include: Radare Radare2.