[Bug 1118324] New: VUL-1: CVE-2018-19842: radare2: getToken in libr/asm/p/asm_x86_nz.c allows attackers to cause a denial of service (stack-based buffer over-read) via crafted x86 assembly data
http://bugzilla.opensuse.org/show_bug.cgi?id=1118324 Bug ID: 1118324 Summary: VUL-1: CVE-2018-19842: radare2: getToken in libr/asm/p/asm_x86_nz.c allows attackers to cause a denial of service (stack-based buffer over-read) via crafted x86 assembly data Classification: openSUSE Product: openSUSE Distribution Version: Leap 15.1 Hardware: Other URL: https://smash.suse.de/issue/220104/ OS: Other Status: NEW Severity: Minor Priority: P5 - None Component: Security Assignee: daniel.molkentin@suse.com Reporter: rfrohl@suse.com QA Contact: security-team@suse.de Found By: Security Response Team Blocker: --- CVE-2018-19842 getToken in libr/asm/p/asm_x86_nz.c in radare2 before 3.1.0 allows attackers to cause a denial of service (stack-based buffer over-read) via crafted x86 assembly data, as demonstrated by rasm2. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-19842 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19842 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1118324
http://bugzilla.opensuse.org/show_bug.cgi?id=1118324#c1
Robert Frohl
participants (1)
-
bugzilla_noreply@novell.com