Bug 1199891 (CVE-2021-44975)

Summary:	VUL-1: CVE-2021-44975: radare2: Buffer Overflow via /libr/core/anal_objc.c mach-o parser
Product:	[openSUSE] openSUSE Distribution	Reporter:	Hu <cathy.hu>
Component:	Security	Assignee:	Stefan Brüns <stefan.bruens>
Status:	RESOLVED INVALID	QA Contact:	Security Team bot <security-team>
Severity:	Minor
Priority:	P5 - None
Version:	Leap 15.4
Target Milestone:	---
Hardware:	Other
OS:	Other
URL:	https://smash.suse.de/issue/332847/
Whiteboard:
Found By:	Security Response Team	Services Priority:
Business Priority:		Blocker:	---
Marketing QA Status:	---	IT Deployment:	---

Description Hu 2022-05-25 06:50:45 UTC

CVE-2021-44975

radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via
/libr/core/anal_objc.c mach-o parser.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44975
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44975
https://github.com/radareorg/radare2/issues/19476
https://census-labs.com/news/2022/05/24/multiple-vulnerabilities-in-radare2/

Comment 1 Hu 2022-05-25 06:51:44 UTC

Closing, not affected:
- openSUSE:Factory/radare2 5.5.4