Radare

Do you want an email whenever new security vulnerabilities are reported in any Radare product?

Products by Radare Sorted by Most Security Vulnerabilities since 2018

Radare2106 vulnerabilities

Radare2 Extras1 vulnerability

By the Year

In 2023 there have been 16 vulnerabilities in Radare with an average score of 8.0 out of ten. Last year Radare had 48 security vulnerabilities published. Right now, Radare is on track to have less security vulnerabilities in 2023 than it did last year. However, the average CVE base score of the vulnerabilities in 2023 is greater by 1.05.

Year	Vulnerabilities	Average Score
2023	16	8.01
2022	48	6.95
2021	3	7.60
2020	1	9.60
2019	8	7.48
2018	31	5.72

It may take a day or so for new Radare vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Radare Security Vulnerabilities

radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c

CVE-2023-47016 7.5 - High - November 22, 2023

radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c, causing a crash in r_read_le32 in libr/include/r_endian.h.

Memory Corruption

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.

CVE-2023-46570 9.8 - Critical - October 28, 2023

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.

Out-of-bounds Read

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.

CVE-2023-46569 9.8 - Critical - October 28, 2023

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.

Out-of-bounds Read

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

CVE-2023-5686 8.8 - High - October 20, 2023

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

Memory Corruption

A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.

CVE-2022-28069 7.5 - High - August 22, 2023

A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.

Memory Corruption

A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0.

CVE-2022-28073 7.5 - High - August 22, 2023

A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0.

Dangling pointer

A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0.

CVE-2022-28068 7.5 - High - August 22, 2023

A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0.

Memory Corruption

A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.

CVE-2022-28070 7.5 - High - August 22, 2023

A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.

NULL Pointer Dereference

A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0.

CVE-2022-28071 7.5 - High - August 22, 2023

A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0.

Dangling pointer

A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0.

CVE-2022-28072 7.5 - High - August 22, 2023

A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0.

Memory Corruption

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

CVE-2023-4322 9.8 - Critical - August 14, 2023

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

Memory Corruption

Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function

CVE-2021-32495 9.1 - Critical - July 07, 2023

Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function. Attacker can read freed memory afterwards. This will allow attackers to cause denial of service.

Dangling pointer

Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function

CVE-2021-32494 7.5 - High - July 07, 2023

Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function. This allow attackers to create malicious inputs that can cause denial of service.

Divide By Zero

Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6.

CVE-2023-1605 7.5 - High - March 23, 2023

Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6.

Resource Exhaustion

radare2 v5.8.3 was discovered to contain a segmentation fault

CVE-2023-27114 5.5 - Medium - March 10, 2023

radare2 v5.8.3 was discovered to contain a segmentation fault via the component wasm_dis at p/wasm/wasm.c.

NULL Pointer Dereference

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2.

CVE-2023-0302 7.8 - High - January 15, 2023

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2.

Injection

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2.

CVE-2022-4843 7.5 - High - December 29, 2022

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2.

NULL Pointer Dereference

Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0.

CVE-2022-4398 7.8 - High - December 10, 2022

Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0.

Integer Overflow or Wraparound

An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c

CVE-2020-27793 7.5 - High - August 19, 2022

An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c. This could allow an attacker to cause a crash, and perform a denail of service attack.

off-by-five

A segmentation fault was discovered in radare2 with adf command

CVE-2020-27795 7.5 - High - August 19, 2022

A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command "adf" has no or wrong argument, anal_fcn_data (core, input + 1) --> RAnalFunction *fcn = r_anal_get_fcn_in (core->anal, core->offset, -1); returns null pointer for fcn causing segmentation fault later in ensure_fcn_range (fcn).

Use of Uninitialized Resource

Radare

Products by Radare Sorted by Most Security Vulnerabilities since 2018

Radare2106 vulnerabilities

Radare2 Extras1 vulnerability

By the Year

Recent Radare Security Vulnerabilities

radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c CVE-2023-47016 7.5 - High - November 22, 2023

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h. CVE-2023-46570 9.8 - Critical - October 28, 2023

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h. CVE-2023-46569 9.8 - Critical - October 28, 2023

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. CVE-2023-5686 8.8 - High - October 20, 2023

A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0. CVE-2022-28069 7.5 - High - August 22, 2023

A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0. CVE-2022-28073 7.5 - High - August 22, 2023

A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0. CVE-2022-28068 7.5 - High - August 22, 2023

A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0. CVE-2022-28070 7.5 - High - August 22, 2023

A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0. CVE-2022-28071 7.5 - High - August 22, 2023

A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0. CVE-2022-28072 7.5 - High - August 22, 2023

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. CVE-2023-4322 9.8 - Critical - August 14, 2023

Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function CVE-2021-32495 9.1 - Critical - July 07, 2023

Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function CVE-2021-32494 7.5 - High - July 07, 2023

Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6. CVE-2023-1605 7.5 - High - March 23, 2023

radare2 v5.8.3 was discovered to contain a segmentation fault CVE-2023-27114 5.5 - Medium - March 10, 2023

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2. CVE-2023-0302 7.8 - High - January 15, 2023

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2. CVE-2022-4843 7.5 - High - December 29, 2022

Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0. CVE-2022-4398 7.8 - High - December 10, 2022

An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c CVE-2020-27793 7.5 - High - August 19, 2022

A segmentation fault was discovered in radare2 with adf command CVE-2020-27795 7.5 - High - August 19, 2022

radare2 5.8.9 has an out-of-bounds read in r_bin_object_set_items in libr/bin/bobj.c

CVE-2023-47016 7.5 - High - November 22, 2023

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h.

CVE-2023-46570 9.8 - Critical - October 28, 2023

An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h.

CVE-2023-46569 9.8 - Critical - October 28, 2023

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

CVE-2023-5686 8.8 - High - October 20, 2023

A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.

CVE-2022-28069 7.5 - High - August 22, 2023

A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0.

CVE-2022-28073 7.5 - High - August 22, 2023

A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0.

CVE-2022-28068 7.5 - High - August 22, 2023

A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.

CVE-2022-28070 7.5 - High - August 22, 2023

A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0.

CVE-2022-28071 7.5 - High - August 22, 2023

A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0.

CVE-2022-28072 7.5 - High - August 22, 2023

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0.

CVE-2023-4322 9.8 - Critical - August 14, 2023

Radare2 has a use-after-free vulnerability in pyc parser's get_none_object function

CVE-2021-32495 9.1 - Critical - July 07, 2023

Radare2 has a division by zero vulnerability in Mach-O parser's rebase_buffer function

CVE-2021-32494 7.5 - High - July 07, 2023

Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6.

CVE-2023-1605 7.5 - High - March 23, 2023

radare2 v5.8.3 was discovered to contain a segmentation fault

CVE-2023-27114 5.5 - Medium - March 10, 2023

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2.

CVE-2023-0302 7.8 - High - January 15, 2023

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.8.2.

CVE-2022-4843 7.5 - High - December 29, 2022

Integer Overflow or Wraparound in GitHub repository radareorg/radare2 prior to 5.8.0.

CVE-2022-4398 7.8 - High - December 10, 2022

An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c

CVE-2020-27793 7.5 - High - August 19, 2022

A segmentation fault was discovered in radare2 with adf command

CVE-2020-27795 7.5 - High - August 19, 2022