CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.

Expand Up

@@ -831,7 +831,7 @@ static bool \_\_core\_anal\_fcn(RCore \*core, ut64 at, ut64 from, int reftype, int de

const RList \*syms \= r\_bin\_get\_symbols (core\->bin);

ut64 baddr \= r\_config\_get\_i (core\->config, "bin.baddr");

r\_list\_foreach (syms, iter, sym) {

if ((sym\->paddr + baddr) \== fcn\->addr && !strcmp (sym\->type, R\_BIN\_TYPE\_FUNC\_STR)) {

if (sym\->type && (sym\->paddr + baddr) \== fcn\->addr && !strcmp (sym\->type, R\_BIN\_TYPE\_FUNC\_STR)) {

free (new\_name);

new\_name \= r\_str\_newf ("sym.%s", sym\->name);

break;

Expand Down

Headline

CVE-2022-28070: Fix oobread crash in the analysis loop with corrupted ELFs (tests_649… · radareorg/radare2@4aff1bb

CVE: Latest News