Candidate: CVE-2019-16718
PublicDate: 2019-09-23 14:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16718
 https://github.com/radareorg/radare2/commit/5411543a310a470b1257fb93273cdd6e8dfcb3af
 https://github.com/radareorg/radare2/commit/dd739f5a45b3af3d1f65f00fe19af1dbfec7aea7
 https://github.com/radareorg/radare2/compare/3.8.0...3.9.0
Description:
 In radare2 before 3.9.0, a command injection vulnerability exists in
 bin_symbols() in libr/core/cbin.c. By using a crafted executable file, it's
 possible to execute arbitrary shell commands with the permissions of the
 victim. This vulnerability is due to an insufficient fix for CVE-2019-14745
 and improper handling of symbol names embedded in executables.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
 https://bugs.launchpad.net/ubuntu/+source/radare2/+bug/1882889
 https://bugs.launchpad.net/ubuntu/+source/radare2/+bug/1882889
 https://bugs.launchpad.net/ubuntu/+source/radare2/+bug/1882889
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [7.8 HIGH]


Patches_radare2:
upstream_radare2: released (3.9.0)
precise/esm_radare2: DNE
trusty_radare2: ignored (out of standard support)
trusty/esm_radare2: DNE
xenial_radare2: not-affected (code not present)
bionic_radare2: not-affected (code not present)
disco_radare2: ignored (reached end-of-life)
eoan_radare2: ignored (reached end-of-life)
focal_radare2: not-affected (4.2.1+dfsg-1)
groovy_radare2: not-affected (4.2.1+dfsg-1)
devel_radare2: DNE