CVE-2020-27795
First published: Fri Aug 19 2022(Updated: )
A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command "adf" has no or wrong argument, anal_fcn_data (core, input + 1) --> RAnalFunction *fcn = r_anal_get_fcn_in (core->anal, core->offset, -1); returns null pointer for fcn causing segmentation fault later in ensure_fcn_range (fcn).
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Radare Radare2 | <4.4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-27795?
CVE-2020-27795 is a vulnerability discovered in radare2 with the adf command, which can lead to a segmentation fault.
What is the severity of CVE-2020-27795?
CVE-2020-27795 has a severity level of 7.5 (high).
How does CVE-2020-27795 affect Radare Radare2?
CVE-2020-27795 affects Radare Radare2 version 4.4.0 and prior.
How can I fix CVE-2020-27795?
To fix CVE-2020-27795, it is recommended to update Radare Radare2 to a version later than 4.4.0.
Where can I find more information about CVE-2020-27795?
More information about CVE-2020-27795 can be found in the references provided: [GitHub Commit](https://github.com/radareorg/radare2/commit/4d3811681a80f92a53e795f6a64c4b0fc2c8dd22), [GitHub Issue](https://github.com/radareorg/radare2/issues/16215), [GitHub Pull Request](https://github.com/radareorg/radare2/pull/16230).
- collector/nvd-index
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- agent/remedy
- collector/mitre-cve
- source/MITRE
- vendor/radare
- canonical/radare radare2