First published: Tue May 22 2018(Updated: )
The get_debug_info() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted PE file.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
radare2 | =2.5.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-11379 has a severity level classified as medium due to the potential for denial of service.
To fix CVE-2018-11379, upgrade to a patched version of radare2 that addresses this vulnerability.
CVE-2018-11379 allows remote attackers to execute a denial of service attack through crafted PE files.
CVE-2018-11379 affects radare2 version 2.5.0.
While CVE-2018-11379 primarily causes application crashes, it does not directly lead to data loss.