CVE-2020-15121: Command injection in Radare2
First published: Mon Jul 20 2020(Updated: )
In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current directory.
Credit: security-advisories@github.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| radare2 | <4.5.0 | |
| Fedora | =31 | |
| Fedora | =32 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/radareorg/radare2/commit/04edfa82c1f3fa2bc3621ccdad2f93bdbf00e4f9
- https://github.com/radareorg/radare2/issues/16945
- https://github.com/radareorg/radare2/pull/16966
- https://github.com/radareorg/radare2/security/advisories/GHSA-r552-vp94-9358
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MWC7KNBETYE5MK6VIUU26LUIISIFGSBZ/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YE77P5RSE2T7JHEKMWF2ARTSJGMPXCFY/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YE77P5RSE2T7JHEKMWF2ARTSJGMPXCFY/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MWC7KNBETYE5MK6VIUU26LUIISIFGSBZ/
Frequently Asked Questions
What is the severity of CVE-2020-15121?
CVE-2020-15121 is considered a high severity vulnerability due to its potential for shell injection.
How do I fix CVE-2020-15121?
To fix CVE-2020-15121, upgrade to radare2 version 4.5.0 or later.
What is the impact of CVE-2020-15121?
The impact of CVE-2020-15121 includes execution of arbitrary commands via shell injection.
Which versions of radare2 are affected by CVE-2020-15121?
All versions of radare2 prior to 4.5.0 are affected by CVE-2020-15121.
Can CVE-2020-15121 be exploited remotely?
Yes, CVE-2020-15121 can be exploited remotely if a malicious PDB file is hosted.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/remedy
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/radare
- canonical/radare2
- vendor/fedoraproject
- canonical/fedora
- version/fedora/31
- version/fedora/32