Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 41: FEDORA-2024-ac8d48e58a critical: radare2 command injection

fedora
Calendar Grey December 12, 2024
Dist Fedora Esm H88
Ubuntu 24.04 introduces gdb to version 12.2, fixing major vulnerabilities related to buffer overflow risks. Keep your devices protected!
The radare2 is a reverse-engineering framework that is multi-architecture, multi-platform, and highly scriptable

Summary

The radare2 is a reverse-engineering framework that is multi-architecture,

multi-platform, and highly scriptable. Radare2 provides a hexadecimal

editor, wrapped I/O, file system support, debugger support, diffing

between two functions or binaries, and code analysis at opcode,

basic block, and function levels.

Update Information:

Bump radare2 to 5.9.8, iaito to 5.9.9, fixes CVE-2024-11858

Topics%20covered

Topics Covered

security advisory software update Fedora command injection advisory information radare2

Change Log

* Sat Nov 30 2024 Michal Ambroz - 5.9.8-4 - fix epel build * Mon Nov 25 2024 Michal Ambroz - 5.9.8-2 - documentation of embedded quickjs-ng library * Fri Nov 22 2024 Michal Ambroz - 5.9.8-1 - bump to 5.9.8

References


[ 1 ] Bug #2313891 - iaito: fails to install from epel9 https://bugzilla.redhat.com/show_bug.cgi?id=2313891 [ 2 ] Bug #2327286 - iaito-5.9.9 is available https://bugzilla.redhat.com/show_bug.cgi?id=2327286 [ 3 ] Bug #2327308 - radare2-5.9.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=2327308 [ 4 ] Bug #2329104 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [epel-8] https://bugzilla.redhat.com/show_bug.cgi?id=2329104 [ 5 ] Bug #2329105 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [epel-9] https://bugzilla.redhat.com/show_bug.cgi?id=2329105 [ 6 ] Bug #2329107 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [fedora-40] https://bugzilla.redhat.com/show_bug.cgi?id=2329107 [ 7 ] Bug #2329108 - CVE-2024-11858 radare2: Command Injection via Pebble Application Files in Radare2 [fedora-41] ...

Read the Full Advisory

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-ac8d48e58a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: radare2
Product: Fedora 41
Version: 5.9.8
Release: 4.fc41
URL: https://radare.org/
Summary: The reverse engineering framework

Topics%20covered

Topics Covered

security advisory software update Fedora command injection advisory information radare2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here