http://bugzilla.opensuse.org/show_bug.cgi?id=1198186 Bug ID: 1198186 Summary: VUL-1: CVE-2022-1238: radare2: Heap-based Buffer Overflow in libr/bin/format/ne/ne.c Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.4 Hardware: Other URL: https://smash.suse.de/issue/328287/ OS: Other Status: NEW Severity: Minor Priority: P5 - None Component: Security Assignee: security-team@suse.de Reporter: cathy.hu@suse.com QA Contact: security-team@suse.de Found By: Security Response Team Blocker: --- CVE-2022-1238 Heap-based Buffer Overflow in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html). References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1238 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1238 https://github.com/radareorg/radare2/commit/c40a4f9862104ede15d0ba05ccbf8059... https://huntr.dev/bounties/47422cdf-aad2-4405-a6a1-6f63a3a93200 -- You are receiving this mail because: You are on the CC list for the bug.