Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In radare2 through 4.0, there is an integer overflow for the variable new_token_size in the function r_asm_massemble at libr/asm/asm.c. This integer overflow will result in a Use-After-Free for the buffer tokens, which can be filled with arbitrary malicious data after the free. This allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via crafted input.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
radare2 输入验证错误漏洞
Vulnerability Description
radare2是一套用于处理二进制文件的库和工具。 radare2 4.0及之前版本中的libr/asm/asm.c文件的‘r_asm_massemble’函数存在输入验证错误漏洞。远程攻击者可借助特制的输入利用该漏洞造成拒绝服务(应用程序崩溃)或执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A