Vulnerability Details CVE-2017-15932
In radare2 2.0.1, an integer exception (negative number leading to an invalid memory access) exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c via crafted ELF files when parsing the ELF version on 32bit systems.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.2%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- http://www.securityfocus.com/bid/101614
- https://github.com/radare/radare2/commit/44ded3ff35b8264f54b5a900cab32ec489d9e5b9
- https://github.com/radare/radare2/issues/8743
- http://www.securityfocus.com/bid/101614
- https://github.com/radare/radare2/commit/44ded3ff35b8264f54b5a900cab32ec489d9e5b9
- https://github.com/radare/radare2/issues/8743