[Bug 1234065] New: VUL-0: CVE-2024-29645: radare2: buffer overflow vulnerability allows an attacker to execute arbitrary code via the parse_die function
https://bugzilla.suse.com/show_bug.cgi?id=1234065 Bug ID: 1234065 Summary: VUL-0: CVE-2024-29645: radare2: buffer overflow vulnerability allows an attacker to execute arbitrary code via the parse_die function Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.6 Hardware: Other URL: https://smash.suse.de/issue/430859/ OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: smash_bz@suse.de QA Contact: security-team@suse.de CC: abergmann@suse.com Target Milestone: --- Found By: Security Response Team Blocker: --- Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-29645 https://www.cve.org/CVERecord?id=CVE-2024-29645 https://gist.github.com/Crispy-fried-chicken/83f0f5e8a475284d64bf99fb342e902... https://github.com/radareorg/radare2/commit/72bf3a486fa851797aa21887a40ba0e3... https://github.com/radareorg/radare2/pull/22561 https://github.com/CVEProject/cvelistV5/blob/main//cves/2024/29xxx/CVE-2024-... -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1234065 SMASH SMASH <smash_bz@suse.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P5 - None |P3 - Medium -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1234065 https://bugzilla.suse.com/show_bug.cgi?id=1234065#c2 --- Comment #2 from Marcus Meissner <meissner@suse.com> --- openSUSE-SU-2024:0397-1: An update that fixes one vulnerability is now available. Category: security (important) Bug References: 1234065 CVE References: CVE-2024-29645 JIRA References: Sources used: openSUSE Backports SLE-15-SP6 (src): radare2-5.9.8-bp156.4.3.1 -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1234065 https://bugzilla.suse.com/show_bug.cgi?id=1234065#c3 --- Comment #3 from Marcus Meissner <meissner@suse.com> --- openSUSE-SU-2024:0396-1: An update that fixes one vulnerability is now available. Category: security (important) Bug References: 1234065 CVE References: CVE-2024-29645 JIRA References: Sources used: openSUSE Backports SLE-15-SP5 (src): radare2-5.9.8-bp155.2.3.1 -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1234065 https://bugzilla.suse.com/show_bug.cgi?id=1234065#c4 Alexander Bergmann <abergmann@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #4 from Alexander Bergmann <abergmann@suse.com> --- Closed as fixed. -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@suse.com