CVE-2022-1444

Name
CVE-2022-1444
Description
heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.7.0. This vulnerability is capable of inducing denial of service.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
CONFIRM https://huntr.dev/bounties/b438a940-f8a4-4872-b030-59bdd1ab72aa
MISC https://github.com/radareorg/radare2/commit/14189710859c27981adb4c2c2aed2863c1859ec5

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:radare:radare2:*:*:*:*:*:*:*:* radare2 >= None < 5.7.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
radare2 3.15-community 5.5.0-r0 Valery Kartel <valery.kartel@gmail.com> possibly vulnerable
radare2 3.16-community 5.6.8-r0 Valery Kartel <valery.kartel@gmail.com> possibly vulnerable