Fedora 39 radare2 Updates: Critical Heap Buffer Overflows

fedora

August 23, 2024

Bump to version 5.9.4

Summary

The radare2 is a reverse-engineering framework that is multi-architecture,

multi-platform, and highly scriptable. Radare2 provides a hexadecimal

editor, wrapped I/O, file system support, debugger support, diffing

between two functions or binaries, and code analysis at opcode,

basic block, and function levels.

Update Information:

Bump to version 5.9.4

Topics Covered

security advisory Fedora update information reverse engineering heap buffer overflow radare2 multi-platform framework

Change Log

* Mon Aug 12 2024 Michal Ambroz - 5.9.4-1 - bump to 5.9.4 * Fri Jul 19 2024 Fedora Release Engineering - 5.9.2-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild * Wed May 22 2024 Michal Ambroz - 5.9.2-1 - bump to 5.9.2 * Sat Apr 20 2024 Michal Ambroz 5.9.0-1 - bump to 5.9.0 * Fri Jan 26 2024 Fedora Release Engineering - 5.8.8-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Mon Jan 22 2024 Fedora Release Engineering - 5.8.8-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Thu Oct 26 2023 Michal Ambroz 5.8.8-3 - rebuild F40+ with capstone 5.0.1+ * Thu Oct 26 2023 Michal Ambroz 5.8.8-2 - cherrypick from upstream master patches for known vulnerabilities: - CVE-2023-4322 - heap-buffer-overflow in the brainfuck dissassembler - CVE-2023-5686 - heap-buffer-overflow in /radare2/shlr/java/code.c

References

[ 1 ] Bug #2251066 - TRIAGE CVE-2023-47016 radare2: out of bounds read in xnu kernelcache [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2251066 [ 2 ] Bug #2303807 - iaito-5.9.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2303807 [ 3 ] Bug #2303875 - radare2-5.9.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2303875 [ 4 ] Bug #2304300 - F40FailsToInstall: iaito https://bugzilla.redhat.com/show_bug.cgi?id=2304300 [ 5 ] Bug #2304301 - F39FailsToInstall: iaito https://bugzilla.redhat.com/show_bug.cgi?id=2304301

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-3667e29b88' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity

critical

Lowest

Low

Medium

High

Critical

Name: radare2

Product: Fedora 39

Version: 5.9.4

Release: 1.fc39

URL: https://radare.org/

Summary: The reverse engineering framework

Topics Covered

security advisory Fedora update information reverse engineering heap buffer overflow radare2 multi-platform framework

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 39 radare2 Updates: Critical Heap Buffer Overflows

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 39 radare2 Updates: Critical Heap Buffer Overflows

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!