http://bugzilla.opensuse.org/show_bug.cgi?id=1198187 Bug ID: 1198187 Summary: VUL-1: CVE-2022-1240: Heap buffer overflow in libr/bin/format/mach0/mach0.c Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.4 Hardware: Other URL: https://smash.suse.de/issue/328285/ OS: Other Status: NEW Severity: Minor Priority: P5 - None Component: Security Assignee: stefan.bruens@rwth-aachen.de Reporter: cathy.hu@suse.com QA Contact: security-team@suse.de Found By: Security Response Team Blocker: --- CVE-2022-1240 Heap buffer overflow in libr/bin/format/mach0/mach0.c in GitHub repository radareorg/radare2 prior to 5.8.6. If address sanitizer is disabled during the compiling, the program should executes into the `r_str_ncpy` function. Therefore I think it is very likely to be exploitable. For more general description of heap buffer overflow, see [CWE](https://cwe.mitre.org/data/definitions/122.html). References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1240 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1240 https://github.com/radareorg/radare2/commit/ca8d8b39f3e34a4fd943270330b80f11... https://huntr.dev/bounties/e589bd97-4c74-4e79-93b5-0951a281facc -- You are receiving this mail because: You are on the CC list for the bug.