CVE-2021-4021
First published: Thu Feb 24 2022(Updated: )
A vulnerability was found in Radare2 in versions prior to 5.6.2, 5.6.0, 5.5.4 and 5.5.2. Mapping a huge section filled with zeros of an ELF64 binary for MIPS architecture can lead to uncontrolled resource consumption and DoS.
Credit: patrick@puiterwijk.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Radare Radare2 | <=5.5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this Radare2 vulnerability?
The vulnerability ID for this Radare2 vulnerability is CVE-2021-4021.
What is the severity of CVE-2021-4021?
The severity of CVE-2021-4021 is high with a CVSS score of 7.5.
Which versions of Radare2 are affected by CVE-2021-4021?
Versions of Radare2 prior to 5.6.2, 5.6.0, 5.5.4, and 5.5.2 are affected by CVE-2021-4021.
What is the impact of CVE-2021-4021?
CVE-2021-4021 can lead to uncontrolled resource consumption and DoS (Denial of Service).
Is there a fix available for CVE-2021-4021?
Yes, upgrading to Radare2 version 5.6.2 or later can fix CVE-2021-4021.
- collector/nvd-index
- agent/author
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/event
- agent/tags
- agent/description
- agent/type
- agent/weakness
- agent/severity
- collector/mitre-cve
- source/MITRE
- vendor/radare
- canonical/radare radare2
- version/radare radare2/5.5.0