Candidate: CVE-2022-1383
PublicDate: 2022-04-18 01:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1383
 https://huntr.dev/bounties/02b4b563-b946-4343-9092-38d1c5cd60c9
 https://github.com/radareorg/radare2/commit/1dd65336f0f0c351d6ea853efcf73cf9c0030862
Description:
 Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to
 5.6.8. The bug causes the program reads data past the end of the intented
 buffer. Typically, this can allow attackers to read sensitive information
 from other memory locations or cause a crash.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H [6.1 MEDIUM]


Patches_radare2:
upstream_radare2: needs-triage
trusty_radare2: ignored (out of standard support)
xenial_radare2: ignored (out of standard support)
bionic_radare2: not-affected (code not present)
focal_radare2: not-affected (code not present)